Lucene search
GoogleOSV:CVE-2019-0224HistoryMar 28, 2019 - 9:29 p.m.
CVE-2019-0224
2019-03-2821:29:00
Google
osv.dev
2
In Apache JSPWiki 2.9.0 to 2.11.0.M2, a carefully crafted URL could execute javascript on another user’s session. No information could be saved on the server or jspwiki database, nor would an attacker be able to execute js on someone else’s browser; only on its own browser.
References
www.securityfocus.com/bid/107631
jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-0224
lists.apache.org/thread.html/aac253cfc33c0429b528e2fcbe82d3a42d742083c528f58d192dfd16%40%3Ccommits.jspwiki.apache.org%3E
lists.apache.org/thread.html/b4b4992a93d899050c1117a07c3c7fc9a175ec0672ab97065228de67%40%3Cdev.jspwiki.apache.org%3E
lists.apache.org/thread.html/e42d6e93384d4a33e939989cd00ea2a06ccf1e7bb1e6bdd3bf5187c1%40%3Ccommits.jspwiki.apache.org%3E
Related
ubuntucve
ubuntucve
CVE-2019-0224
2019-03-28 00:00:00
cve
cve
CVE-2019-0224
2019-03-28 21:29:00
veracode
veracode
Cross-site Scripting (XSS)
2019-03-29 02:48:02
cvelist
cvelist
CVE-2019-0224
2019-03-28 21:00:53
nvd
nvd
CVE-2019-0224
2019-03-28 21:29:00
prion
prion
Input validation
2019-03-28 21:29:00
osv
osv
Moderate severity vulnerability that affects org.apache.jspwiki:jspwiki-main
2019-04-02 15:46:48
github
github
Moderate severity vulnerability that affects org.apache.jspwiki:jspwiki-main
2019-04-02 15:46:48
openvas
openvas
Apache JSPWiki < 2.11.0.M3 Multiple Vulnerabilities
2022-01-12 00:00:00