Description
Cross Site Scripting (XSS) vulnerability in xCss Valine v1.4.14 via the nick parameter to /classes/Comment.
Remediation
References
https://github.com/xCss/Valine/issues/348
Related Vulnerabilities
CVE-2023-22457 Vulnerability in maven package org.xwiki.contrib:application-ckeditor-ui
CVE-2020-13947 Vulnerability in maven package org.apache.activemq:activemq-web-console
CVE-2021-43812 Vulnerability in npm package @auth0/nextjs-auth0
CVE-2019-16942 Vulnerability in maven package com.fasterxml.jackson.core:jackson-databind
CVE-2022-36010 Vulnerability in npm package react-editable-json-tree