Description
A flaw was found in Wildfly in versions before 23.0.2.Final while creating a new role in domain mode via the admin console, it is possible to add a payload in the name field, leading to XSS. This affects Confidentiality and Integrity.
Remediation
References
Related Vulnerabilities
WordPress Plugin PowerPress Podcasting by Blubrry Cross-Site Scripting (6.0.4)
Phusion Passenger Other Vulnerability (CVE-2014-1832)
Perl Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-2827)
WordPress Plugin Profile Builder-User Profile & User Registration Forms Security Bypass (3.1.0)
WordPress Plugin Pressbooks Textbook Cross-Site Scripting (1.2.5)