Description
Cross-site scripting (XSS) vulnerability in ZK Framework before 5.0.13 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Remediation
References
http://archives.neohapsis.com/archives/fulldisclosure/2013-11/0101.html
http://secunia.com/advisories/55690
https://github.com/zkoss/zk/blob/v5.0.13/zkdoc/release-note
Related Vulnerabilities
CVE-2023-36479 Vulnerability in maven package org.eclipse.jetty.ee9:jetty-ee9-servlets
CVE-2017-1000090 Vulnerability in maven package org.jenkins-ci.plugins:role-strategy
CVE-2019-10428 Vulnerability in maven package org.jenkins-ci.plugins:aqua-security-scanner
CVE-2022-40955 Vulnerability in maven package org.apache.inlong:manager-pojo