CVE-2020-5672
Stored XSS in KonaWiki3 (KonaWiki3 における格納型 XSS)
Because the sanitizing process is not performed properly, an arbitrary script is executed on the web browser of the user who accesses a wiki page containing a specially crafted content written by an attacker.
Disclosure Date
2020/11/16
Credit
stypr (@stereotype32)
Affected-Versions
KonaWiki: v3.1.1 and earlier
CWE
- CWE-79
