Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jspwiki vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2021-40369
A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the Denounce plugin, which could allow the malicious user to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSP...
Apache Jspwiki
6.1
CVSSv3
CVE-2019-10090
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the plain editor, which could allow the malicious user to execute javascript in the victim's browser and get some sensitive...
Apache Jspwiki 2.11.0
Apache Jspwiki
6.1
CVSSv3
CVE-2019-12407
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the remember parameter on some of the JSPs, which could allow the malicious user to execute javascript in the victim's brow...
Apache Jspwiki 2.11.0
Apache Jspwiki
6.1
CVSSv3
CVE-2019-10089
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the WYSIWYG editor, which could allow the malicious user to execute javascript in the victim's browser and get some sensiti...
Apache Jspwiki
Apache Jspwiki 2.11.0
6.1
CVSSv3
CVE-2019-10087
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the Page Revision History, which could allow the malicious user to execute javascript in the victim's browser and get some ...
Apache Jspwiki 2.11.0
Apache Jspwiki
6.1
CVSSv3
CVE-2019-12404
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to InfoContent.jsp, which could allow the malicious user to execute javascript in the victim's browser and get some sensitive ...
Apache Jspwiki 2.11.0
Apache Jspwiki
6.1
CVSSv3
CVE-2019-10076
A carefully crafted malicious attachment could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.
Apache Jspwiki
Apache Jspwiki 2.11.0
6.1
CVSSv3
CVE-2019-10077
A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.
Apache Jspwiki
Apache Jspwiki 2.11.0
6.1
CVSSv3
CVE-2019-10078
A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. Initial reporting indicated ReferredPagesPlugin, but further analysis showed that multiple plugins were vulnerable.
Apache Jspwiki
Apache Jspwiki 2.11.0
7.5
CVSSv3
CVE-2019-0225
A specially crafted url could be used to access files under the ROOT directory of the application on Apache JSPWiki 2.9.0 to 2.11.0.M2, which could be used by an malicious user to obtain registered users' details.
Apache Jspwiki 2.11.0
Apache Jspwiki
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000
CVE-2024-4439
unauthorized
CVE-2024-0042
CVE-2024-31848
CVE-2023-40694
cache poisoning
CVE-2024-23707
firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »