Disclosure Date 2020/11/16
CVE-2020-5673
Reflected Cross-site Scripting in KonaWiki3
KonaWiki3 における反射型 XSS (クロスサイトスクリプティング)
Credit
stypr (@stereotype32)
Affected-Versions
KonaWiki: v3.1.1 and earlier
CWE
- CWE-79
Description
Because the sanitizing process is not performed properly, an arbitrary web script is executed on the web browser of the user who accesses a specially crafted URL.
