Description
Wiki comments required additional sanitizing and access restrictions to prevent a stored cross-site scripting (XSS) risk and a potential insecure direct object reference (IDOR) risk.
Remediation
References