Description Sakai through 12.6 allows XSS via a chat user name. Remediation References https://github.com/sakaiproject/sakai/pull/6971 Related Vulnerabilities CVE-2022-41933 Vulnerability in maven package org.xwiki.platform:xwiki-platform-security-authentication-default CVE-2020-7617 Vulnerability in npm package ini-parser CVE-2021-3632 Vulnerability in maven package org.keycloak:keycloak-core CVE-2022-29256 Vulnerability in npm package sharp CVE-2019-10384 Vulnerability in maven package org.jenkins-ci.main:jenkins-core Severity High Classification CWE-79 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Tags Patch Third Party Advisory