<!--X-Body-Begin-->
<!--X-User-Header-->
oss-sec
mailing list archives
<!--X-User-Header-End-->
<!--X-TopPNI-->
By Date
By Thread
</form>
<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
[CVE-2019-10077] Apache JSPWiki Cross-site scripting vulnerability
<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->
From: Juan Pablo Santos Rodríguez <juanpablo () apache org>
Date: Sun, 19 May 2019 18:05:36 +0200
<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->
<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
[CVEID]:CVE-2019-10077
[PRODUCT]:Apache JSPWiki
[VERSION]:Apache JSPWiki 2.9.0 to 2.11.0.M3
[PROBLEMTYPE]:Cross-site scripting vulnerability
[REFERENCES]:https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-10077
[DESCRIPTION]:A carefully crafted InterWiki link could trigger an XSS
vulnerability on Apache JSPWiki, which could lead to session hijacking.
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->
By Date
By Thread
Current thread:
[CVE-2019-10077] Apache JSPWiki Cross-site scripting vulnerability Juan Pablo Santos Rodríguez (May 19)
<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->