XWiki 12.10.2 allows XSS via an SVG document to the upload feature of the comment section.Referenceshttps://www.exploit-db.com/exploits/49437
