XWiki Platform before 12.8 mishandles escaping in the property displayer.
References
Link | Resource |
---|---|
https://cve.nstsec.com/cve-2020-13654 | |
https://github.com/xwiki/xwiki-platform/compare/xwiki-platform-12.7.1...xwiki-platform-12.8 | Third Party Advisory |
https://github.com/xwiki/xwiki-platform/pull/1315 | Third Party Advisory |
https://jira.xwiki.org/browse/XWIKI-17374 | Issue Tracking Permissions Required Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2020-12-31T00:00:00
Updated: 2024-06-04T17:12:22.807Z
Reserved: 2020-05-28T00:00:00
Link: CVE-2020-13654
JSON object: View
NVD Information
Status : Modified
Published: 2020-12-31T01:15:12.600
Modified: 2024-05-02T17:15:07.590
Link: CVE-2020-13654
JSON object: View
Redhat Information
No data.
CWE