JSPWiki 2.4.103 and 2.5.139-beta allows remote malicious users to obtain sensitive information (full path) via an invalid integer in the version parameter to the default URI under attach/Main/.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jspwiki jspwiki 2.4.103 |
||
jspwiki jspwiki 2.5.139-beta |