CVE Vulnerability
CVE-2020-13654
XWiki Platform before 12.8 mishandles escaping in the property displayer.
References
| Link | Resource |
|---|---|
| https://github.com/xwiki/xwiki-platform/compare/xwiki-platform-12.7.1...xwiki-platform-12.8 | Third Party Advisory |
| https://jira.xwiki.org/browse/XWIKI-17374 | Issue Tracking Permissions Required |
| https://github.com/xwiki/xwiki-platform/pull/1315 | Third Party Advisory |
Configurations
Configuration 1
|
Information
Published : 2020-12-31 01:15
Updated : 2021-01-05 09:15
NVD link : CVE-2020-13654
Mitre link : CVE-2020-13654
Products Affected
No products.
CWE
CWE-116
Improper Encoding or Escaping of Output