Description
In Apache wicket-jquery-ui <= 6.29.0, <= 7.10.1, <= 8.0.0-M9.1, JS code created in WYSIWYG editor will be executed on display.
Remediation
References
https://markmail.org/message/6bxjyaolehhq7jrl
Related Vulnerabilities
CVE-2020-25724 Vulnerability in maven package io.quarkus:quarkus-resteasy-reactive-parent-aggregator
CVE-2020-15256 Vulnerability in npm package object-path-set
CVE-2019-5423 Vulnerability in npm package http-live-simulator
CVE-2021-28170 Vulnerability in maven package org.glassfish:jakarta.el
CVE-2019-10302 Vulnerability in maven package org.jenkins-ci.plugins:jira-ext