Disclosure Date 2020/11/16

CVE-2020-5672

Stored Cross-site Scripting in KonaWiki3

KonaWiki3 における格納型 XSS (クロスサイトスクリプティング)

Description

Because the sanitizing process is not performed properly, an arbitrary script is executed on the web browser of the user who accesses a wiki page containing a specially crafted content written by an attacker.