CVE-2023-40176: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

August 21, 2023

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) in org.xwiki.platform:xwiki-platform-web-templates.

References

github.com/advisories/GHSA-h8cm-3v5f-rgp6
github.com/xwiki/xwiki-platform/commit/d11ca5d781f8a42a85bc98eb82306c1431e764d4
github.com/xwiki/xwiki-platform/security/advisories/GHSA-h8cm-3v5f-rgp6
jira.xwiki.org/browse/XWIKI-7847

Code Behaviors & Features

Detect and mitigate CVE-2023-40176 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →