Description
Cross Site Scripting (XSS) vulnerability in xCss Valine v1.4.14 via the nick parameter to /classes/Comment.
Remediation
References
https://github.com/xCss/Valine/issues/348
Related Vulnerabilities
CVE-2018-1000644 Vulnerability in maven package org.eclipse.rdf4j:rdf4j-rio-trix
CVE-2021-20195 Vulnerability in maven package org.keycloak:keycloak-core
CVE-2020-15138 Vulnerability in npm package prismjs
CVE-2022-35142 Vulnerability in npm package raneto
CVE-2023-45648 Vulnerability in maven package org.apache.tomcat:tomcat