Lucene search
GoogleOSV:CVE-2019-12404HistorySep 23, 2019 - 3:15 p.m.
CVE-2019-12404
2019-09-2315:15:10
Google
osv.dev
4
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to InfoContent.jsp, which could allow the attacker to execute javascript in the victim’s browser and get some sensitive information about the victim.
| CPE | Name | Operator | Version |
|---|---|---|---|
| jspwiki | eq | 2.10.4-RC1 | |
| jspwiki | eq | 2.10.5-RC1 | |
| jspwiki | eq | 2.10.5-RC2 | |
| jspwiki | eq | 2.10.4-RC3 | |
| jspwiki | eq | 2.10.3-RC2 | |
| jspwiki | eq | 2.10.5 | |
| jspwiki | eq | 2.10.4-RC2 | |
| jspwiki | eq | 2.10.4 | |
| jspwiki | eq | 2.10.3-RC1 | |
| jspwiki | eq | 2.10.3 |
Related
nvd
nvd
CVE-2019-12404
2019-09-23 15:15:10
ubuntucve
ubuntucve
CVE-2019-12404
2019-09-23 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2019-09-23 06:11:50
prion
prion
Information disclosure
2019-09-23 15:15:00
cve
cve
CVE-2019-12404
2019-09-23 15:15:10
cvelist
cvelist
CVE-2019-12404
2019-09-23 14:54:35
osv
osv
Cross-site scripting in Apache JSPWiki
2019-10-11 18:41:59
github
github
Cross-site scripting in Apache JSPWiki
2019-10-11 18:41:59
openvas
openvas
Apache JSPWiki < 2.11.0.M5 Multiple Vulnerabilities
2022-01-12 00:00:00