Lucene search
China National Vulnerability DatabaseCNVD-2022-76239HistoryAug 08, 2022 - 12:00 a.m.
Apache JSPWiki Cross-Site Request Forgery Vulnerability (CNVD-2022-76239)
2022-08-0800:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
apache jspwiki
cross-site request forgery
vulnerability
userpreferences.jsp
email modification
password reset.
EPSS
0.001
Percentile
27.3%
Apache JSPWiki is an open source WikiWiki engine built on Java, Servlet and JSP from the Apache Foundation. security vulnerability exists in versions prior to Apache JSPWiki 2.11.3, which stems from a crafted request on UserPreferences.jsp could trigger a CSRF vulnerability that could be exploited by an attacker to modify the email associated with the attacked account and then request a password reset from the login page.
Related
ubuntucve
ubuntucve
CVE-2022-28731
2022-08-04 00:00:00
cve
cve
CVE-2022-28731
2022-08-04 07:15:07
nvd
nvd
CVE-2022-28731
2022-08-04 07:15:07
github
github
Apache JSPWiki CSRF due to crafted request on UserPreferences.jsp
2022-08-05 00:00:30
prion
prion
Cross site request forgery (csrf)
2022-08-04 07:15:00
veracode
veracode
Cross-Site Request Forgery (CSRF)
2022-08-05 04:01:08
cvelist
cvelist
CVE-2022-28731 Apache JSPWiki CSRF in UserPreferences.jsp
2022-08-04 06:15:43
osv
osv
CVE-2022-28731
2022-08-04 07:15:07
Apache JSPWiki CSRF due to crafted request on UserPreferences.jsp
2022-08-05 00:00:30
openvas
openvas
Apache JSPWiki < 2.11.3 Multiple Vulnerabilities
2022-08-05 00:00:00