Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jspwiki vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-10087
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the Page Revision History, which could allow the malicious user to execute javascript in the victim's browser and get some ...
Apache Jspwiki 2.11.0
Apache Jspwiki
6.1
CVSSv3
CVE-2019-10089
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the WYSIWYG editor, which could allow the malicious user to execute javascript in the victim's browser and get some sensiti...
Apache Jspwiki
Apache Jspwiki 2.11.0
6.1
CVSSv3
CVE-2019-0224
In Apache JSPWiki 2.9.0 to 2.11.0.M2, a carefully crafted URL could execute javascript on another user's session. No information could be saved on the server or jspwiki database, nor would an attacker be able to execute js on someone else's browser; only on its own brow...
Apache Jspwiki
Apache Jspwiki 2.11.0
7.5
CVSSv3
CVE-2019-0225
A specially crafted url could be used to access files under the ROOT directory of the application on Apache JSPWiki 2.9.0 to 2.11.0.M2, which could be used by an malicious user to obtain registered users' details.
Apache Jspwiki 2.11.0
Apache Jspwiki
6.1
CVSSv3
CVE-2019-10090
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the plain editor, which could allow the malicious user to execute javascript in the victim's browser and get some sensitive...
Apache Jspwiki 2.11.0
Apache Jspwiki
6.1
CVSSv3
CVE-2019-12404
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to InfoContent.jsp, which could allow the malicious user to execute javascript in the victim's browser and get some sensitive ...
Apache Jspwiki 2.11.0
Apache Jspwiki
6.1
CVSSv3
CVE-2019-12407
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the remember parameter on some of the JSPs, which could allow the malicious user to execute javascript in the victim's brow...
Apache Jspwiki 2.11.0
Apache Jspwiki
6.1
CVSSv3
CVE-2018-20242
A carefully crafted URL could trigger an XSS vulnerability on Apache JSPWiki, from versions up to 2.10.5, which could lead to session hijacking.
Apache Jspwiki
6.1
CVSSv3
CVE-2022-28730
A carefully crafted request on AJAXPreview.jsp could trigger an XSS vulnerability on Apache JSPWiki, which could allow the malicious user to execute javascript in the victim's browser and get some sensitive information about the victim. This vulnerability leverages CVE-2021-...
Apache Jspwiki
6.1
CVSSv3
CVE-2022-28732
A carefully crafted request on WeblogPlugin could trigger an XSS vulnerability on Apache JSPWiki, which could allow the malicious user to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2....
Apache Jspwiki
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »