Description
XWiki Platform before 12.8 mishandles escaping in the property displayer.
Remediation
References
https://github.com/xwiki/xwiki-platform/compare/xwiki-platform-12.7.1...xwiki-platform-12.8
https://jira.xwiki.org/browse/XWIKI-17374
https://github.com/xwiki/xwiki-platform/pull/1315
https://cve.nstsec.com/cve-2020-13654
Related Vulnerabilities
CVE-2021-41182 Vulnerability in maven package org.webjars.npm:jquery-ui
CVE-2019-11003 Vulnerability in maven package org.webjars.npm:materialize-css
CVE-2022-36092 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore
CVE-2016-4432 Vulnerability in maven package org.apache.qpid:qpid-broker-plugins-amqp-0-8-protocol