CVE-2020-5672
Stored Cross-site Scripting in KonaWiki3 (KonaWiki3 における格納型 XSS (クロスサイトスクリプティング))
Because the sanitizing process is not performed properly, an arbitrary script is executed on the web browser of the user who accesses a wiki page containing a specially crafted content written by an attacker.
Disclosure Date
2020/11/16
Credit
stypr (@stereotype32)
Affected-Versions
KonaWiki: v3.1.1 and earlier
CWE
CWE-79
