Description
In Apache wicket-jquery-ui <= 6.29.0, <= 7.10.1, <= 8.0.0-M9.1, JS code created in WYSIWYG editor will be executed on display.
Remediation
References
https://markmail.org/message/6bxjyaolehhq7jrl
Related Vulnerabilities
CVE-2020-2291 Vulnerability in maven package org.jenkins-ci.plugins:couchdb-statistics
CVE-2023-27087 Vulnerability in maven package com.xuxueli:xxl-job
CVE-2019-12418 Vulnerability in maven package org.apache.tomcat:tomcat-catalina-jmx-remote
CVE-2019-10425 Vulnerability in maven package org.jvnet.hudson.plugins:gcal
CVE-2019-10296 Vulnerability in maven package com.urbancode.ds.jenkins.plugins:sra-deploy