Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache jspwiki 2.11.0 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-10087
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the Page Revision History, which could allow the malicious user to execute javascript in the victim's browser and get some ...
Apache Jspwiki 2.11.0
Apache Jspwiki
383
VMScore
CVE-2019-10076
A carefully crafted malicious attachment could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.
Apache Jspwiki
Apache Jspwiki 2.11.0
383
VMScore
CVE-2019-10077
A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.
Apache Jspwiki
Apache Jspwiki 2.11.0
383
VMScore
CVE-2019-10078
A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. Initial reporting indicated ReferredPagesPlugin, but further analysis showed that multiple plugins were vulnerable.
Apache Jspwiki
Apache Jspwiki 2.11.0
383
VMScore
CVE-2019-12404
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to InfoContent.jsp, which could allow the malicious user to execute javascript in the victim's browser and get some sensitive ...
Apache Jspwiki 2.11.0
Apache Jspwiki
383
VMScore
CVE-2019-0224
In Apache JSPWiki 2.9.0 to 2.11.0.M2, a carefully crafted URL could execute javascript on another user's session. No information could be saved on the server or jspwiki database, nor would an attacker be able to execute js on someone else's browser; only on its own brow...
Apache Jspwiki
Apache Jspwiki 2.11.0
694
VMScore
CVE-2019-0225
A specially crafted url could be used to access files under the ROOT directory of the application on Apache JSPWiki 2.9.0 to 2.11.0.M2, which could be used by an malicious user to obtain registered users' details.
Apache Jspwiki 2.11.0
Apache Jspwiki
383
VMScore
CVE-2019-10089
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the WYSIWYG editor, which could allow the malicious user to execute javascript in the victim's browser and get some sensiti...
Apache Jspwiki
Apache Jspwiki 2.11.0
383
VMScore
CVE-2019-10090
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the plain editor, which could allow the malicious user to execute javascript in the victim's browser and get some sensitive...
Apache Jspwiki 2.11.0
Apache Jspwiki
383
VMScore
CVE-2019-12407
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the remember parameter on some of the JSPs, which could allow the malicious user to execute javascript in the victim's brow...
Apache Jspwiki 2.11.0
Apache Jspwiki
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »