Apache JSPWiki is an open source WikiWiki engine built on Java, Servlet and JSP from the Apache Foundation. security vulnerability exists in versions prior to Apache JSPWiki 2.11.3, which stems from a carefully crafted request on the WeblogPlugin that could trigger an XSS vulnerability, which could be exploited by an attacker to victim’s browser to execute javascript and obtain some sensitive information about the victim.