Cross-site scripting (XSS) vulnerability in XWiki Enterprise before 2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

References

• https://nvd.nist.gov/vuln/detail/CVE-2010-4642
• https://exchange.xforce.ibmcloud.com/vulnerabilities/62942
• http://secunia.com/advisories/42058
• http://www.osvdb.org/68977
• http://www.securityfocus.com/bid/44601
• http://www.xwiki.org/xwiki/bin/view/ReleaseNotes/ReleaseNotesXWikiEnterprise25