[jira] [Commented] (JSPWIKI-1204) Security Ticket: XBOW-024-109 XSS in JSPWiki Header Link Name

ASF subversion and git services (Jira) Mon, 20 Jan 2025 08:24:19 -0800


    [ 
https://issues.apache.org/jira/browse/JSPWIKI-1204?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17914726#comment-17914726
 ]


ASF subversion and git services commented on JSPWIKI-1204:
----------------------------------------------------------

Commit f4089cb6d53223c2c291196ba687753a8b0422cf in jspwiki's branch 
refs/heads/master from Arturo Bernal
[ https://gitbox.apache.org/repos/asf?p=jspwiki.git;h=f4089cb6d ]

Merge pull request #376 from arturobernalg/JSPWIKI-1204

[SECURITY][XBOW-024-109] Fix XSS vulnerability in header link rendering

> Security Ticket: XBOW-024-109 XSS in JSPWiki Header Link Name
> -------------------------------------------------------------
>
>                 Key: JSPWIKI-1204
>                 URL: https://issues.apache.org/jira/browse/JSPWIKI-1204
>             Project: JSPWiki
>          Issue Type: Bug
>            Reporter: Arturo Bernal
>            Assignee: Arturo Bernal
>            Priority: Major
>
> A vulnerability in the handling of footnote links in JSPWiki allows for XSS 
> injection. Specifically, when an HTML or Markdown link contains malicious 
> scripts, it is improperly rendered in the output, leading to a potential XSS 
> attack.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (JSPWIKI-1204) Security Ticket: XBOW-024-109 XSS in JSPWiki Header Link Name

Reply via email to