Lucene search
ApacheCVELIST:CVE-2022-24948HistoryFeb 25, 2022 - 8:30 a.m.
CVE-2022-24948 Apache JSPWiki Cross-site scripting vulnerability on User Preferences screen
2022-02-2508:30:19
apache
www.cve.org
A carefully crafted user preferences for submission could trigger an XSS vulnerability on Apache JSPWiki, related to the user preferences screen, which could allow the attacker to execute javascript in the victim’s browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.11.2 or later.
CNA Affected
[
{
"product": "Apache JSPWiki",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "Apache JSPWiki up to 2.11.1 "
}
]
}
]Related
cnvd
cnvd
Apache JSPWiki Cross-Site Scripting Vulnerability (CNVD-2022-17019)
2022-03-01 00:00:00
prion
prion
Design/Logic Flaw
2022-02-25 09:15:00
veracode
veracode
Cross-site Scripting (XSS)
2022-02-28 08:09:26
cve
cve
CVE-2022-24948
2022-02-25 09:15:07
nvd
nvd
CVE-2022-24948
2022-02-25 09:15:07
osv
osv
CVE-2022-24948
2022-02-25 09:15:07
Cross-site Scripting in Apache JSPWiki
2022-02-26 00:00:44
github
github
Cross-site Scripting in Apache JSPWiki
2022-02-26 00:00:44
openvas
openvas
Apache JSPWiki < 2.11.2 Multiple Vulnerabilities
2022-02-25 00:00:00