Description
Strapi before 3.2.5 has stored XSS in the wysiwyg editor's preview feature.
Remediation
References
https://github.com/strapi/strapi/pull/8440
https://github.com/strapi/strapi/releases/tag/v3.2.5
Related Vulnerabilities
CVE-2023-29527 Vulnerability in maven package org.xwiki.platform:xwiki-platform-appwithinminutes-ui
CVE-2021-39152 Vulnerability in maven package com.thoughtworks.xstream:xstream
CVE-2011-2526 Vulnerability in maven package org.apache.tomcat:tomcat-coyote
CVE-2022-36913 Vulnerability in maven package org.jenkins-ci.plugins:openstack-heat
CVE-2018-1000193 Vulnerability in maven package org.jenkins-ci.main:jenkins-core