Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jspwiki vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-10087
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the Page Revision History, which could allow the malicious user to execute javascript in the victim's browser and get some ...
Apache Jspwiki 2.11.0
Apache Jspwiki
6.1
CVSSv3
CVE-2019-10089
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the WYSIWYG editor, which could allow the malicious user to execute javascript in the victim's browser and get some sensiti...
Apache Jspwiki
Apache Jspwiki 2.11.0
6.1
CVSSv3
CVE-2019-10090
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the plain editor, which could allow the malicious user to execute javascript in the victim's browser and get some sensitive...
Apache Jspwiki 2.11.0
Apache Jspwiki
6.1
CVSSv3
CVE-2019-0224
In Apache JSPWiki 2.9.0 to 2.11.0.M2, a carefully crafted URL could execute javascript on another user's session. No information could be saved on the server or jspwiki database, nor would an attacker be able to execute js on someone else's browser; only on its own brow...
Apache Jspwiki
Apache Jspwiki 2.11.0
7.5
CVSSv3
CVE-2019-0225
A specially crafted url could be used to access files under the ROOT directory of the application on Apache JSPWiki 2.9.0 to 2.11.0.M2, which could be used by an malicious user to obtain registered users' details.
Apache Jspwiki 2.11.0
Apache Jspwiki
6.1
CVSSv3
CVE-2019-12407
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the remember parameter on some of the JSPs, which could allow the malicious user to execute javascript in the victim's brow...
Apache Jspwiki 2.11.0
Apache Jspwiki
6.1
CVSSv3
CVE-2019-10077
A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.
Apache Jspwiki
Apache Jspwiki 2.11.0
8.8
CVSSv3
CVE-2022-34158
A carefully crafted invocation on the Image plugin could trigger an CSRF vulnerability on Apache JSPWiki prior to 2.11.3, which could allow a group privilege escalation of the attacker's account. Further examination of this issue established that it could also be used to mod...
Apache Jspwiki
6.1
CVSSv3
CVE-2022-46907
A carefully crafted request on several JSPWiki plugins could trigger an XSS vulnerability on Apache JSPWiki, which could allow the malicious user to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should up...
Apache Jspwiki
6.1
CVSSv3
CVE-2018-20242
A carefully crafted URL could trigger an XSS vulnerability on Apache JSPWiki, from versions up to 2.10.5, which could lead to session hijacking.
Apache Jspwiki
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »