Apache JSPWiki user preferences form is vulnerable to CSRF attacks, which can lead to account takeover. Apache JSPWiki users should upgrade to 2.11.2 or later.
Severity
Critical
Vendor
The Apache Software Foundation
Versions Affected
Apache JSPWiki up to 2111
Description
Apache JSPWiki user preferences form is vulnerable to CSRF attacks,
which can lead to account takeover
Mitigation
Apache JSPWiki users should upgrade to 2112 or later Installations
mitigate the issue
Credit
This issue was dis ...