Lucene search
China National Vulnerability DatabaseCNVD-2021-92465HistoryNov 25, 2021 - 12:00 a.m.
Apache JSPWiki Cross-Site Scripting Vulnerability (CNVD-2021-92465)
2021-11-2500:00:00
China National Vulnerability Database
www.cnvd.org.cn
13
apache jspwiki
cross-site scripting
vulnerability
plugin link call
xss
denounce plugin
exploitation
javascript
EPSS
0.003
Percentile
70.3%
Apache JSPWiki is an open source WikiWiki engine built on Java, Servlet, and JSP from the Apache Foundation.A security vulnerability exists in Apache JSPWiki, which stems from a well-designed plugin link call that could trigger an XSS vulnerability in Apache JSPWiki related to Denounce plug-in-related XSS vulnerability, which can be exploited by attackers to execute javascript in the victim’s browser and obtain some sensitive information about the victim.
Related
osv
osv
Apache JSPWiki Cross-site Scripting due to carefully crafted plugin link invocation
2021-12-02 17:49:14
CVE-2021-40369
2021-11-24 12:15:07
Apache JSPWiki XSS due to incomplete patch for CVE-2021-40369
2022-08-05 00:00:30
cvelist
cvelist
CVE-2021-40369 XSS vulnerability on Denounce plugin
2021-11-24 11:15:13
veracode
veracode
Cross-site Scripting (XSS)
2021-11-26 07:57:07
nvd
nvd
CVE-2021-40369
2021-11-24 12:15:07
CVE-2022-28730
2022-08-04 07:15:07
github
github
Apache JSPWiki Cross-site Scripting due to carefully crafted plugin link invocation
2021-12-02 17:49:14
Apache JSPWiki XSS due to incomplete patch for CVE-2021-40369
2022-08-05 00:00:30
ubuntucve
ubuntucve
CVE-2021-40369
2021-11-24 00:00:00
CVE-2022-28730
2022-08-04 00:00:00
prion
prion
Information disclosure
2021-11-24 12:15:00
Design/Logic Flaw
2022-08-04 07:15:00
cve
cve
CVE-2021-40369
2021-11-24 12:15:07
CVE-2022-28730
2022-08-04 07:15:07
cnvd
cnvd
Apache JSPWiki Cross-Site Scripting Vulnerability (CNVD-2022-83597)
2022-08-08 00:00:00
openvas
openvas
Apache JSPWiki < 2.11.0 Multiple Vulnerabilities
2022-01-12 00:00:00