Description
Cross Site Scripting (XSS) vulnerability in xCss Valine v1.4.14 via the nick parameter to /classes/Comment.
Remediation
References
https://github.com/xCss/Valine/issues/348
Related Vulnerabilities
CVE-2018-25079 Vulnerability in maven package org.webjars.npm:is-url
CVE-2021-21331 Vulnerability in maven package com.datadoghq:datadog-api-client
CVE-2021-21165 Vulnerability in maven package org.webjars.npm:electron
CVE-2022-34115 Vulnerability in maven package io.dataease:dataease-plugin-common
CVE-2021-43306 Vulnerability in maven package org.webjars.npm:jquery-validation