Description
A Cross Site Scripting (XSS) vulnerability exists in Nacos 2.0.3 in auth/users via the (1) pageSize and (2) pageNo parameters.
Remediation
References
https://github.com/alibaba/nacos/issues/7359
Related Vulnerabilities
CVE-2022-23494 Vulnerability in npm package tinymce
CVE-2023-37963 Vulnerability in maven package io.jenkins.plugins:benchmark-evaluator
CVE-2017-16109 Vulnerability in npm package easyquick
CVE-2022-41927 Vulnerability in maven package org.xwiki.platform:xwiki-platform-tag-ui
CVE-2022-34114 Vulnerability in maven package io.dataease:dataease-plugin-common