Description
An anonymous user can craft a URL with text that ends up in the log viewer as is. The text can then include textual messages to mislead the administrator.
Remediation
References
https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051602
Related Vulnerabilities
CVE-2021-41184 Vulnerability in maven package org.webjars.bowergithub.jquery:jquery-ui
CVE-2016-0793 Vulnerability in maven package org.wildfly:wildfly-undertow
CVE-2017-4963 Vulnerability in maven package org.cloudfoundry.identity:cloudfoundry-identity-common
CVE-2011-4905 Vulnerability in maven package activemq:activemq-core
CVE-2014-3503 Vulnerability in maven package org.apache.syncope:syncope-core