CVE-2023-29202: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

April 12, 2023

Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) in org.xwiki.platform:xwiki-platform-rendering-macro-rss.

References

github.com/advisories/GHSA-c885-89fw-55qr
github.com/xwiki/xwiki-platform/commit/5c7ebe47c2897e92d8f04fe2e15027e84dc3ec03
github.com/xwiki/xwiki-platform/security/advisories/GHSA-c885-89fw-55qr
jira.xwiki.org/browse/XWIKI-19671

Detect and mitigate CVE-2023-29202 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →