Description
A flaw was found in Wildfly in versions before 23.0.2.Final while creating a new role in domain mode via the admin console, it is possible to add a payload in the name field, leading to XSS. This affects Confidentiality and Integrity.
Remediation
References
Related Vulnerabilities
WordPress Plugin Portfolio Gallery-Photo Gallery Multiple Unspecified Vulnerabilities (2.0.72)
WordPress Plugin WP-Lytebox 'pg' Parameter Local File Inclusion (1.3)
PHP Other Vulnerability (CVE-2007-1824)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6335)
WordPress Plugin Flash Photo Gallery Cross-Site Scripting (0.7)