Lucene search

K

PRIOn knowledge basePRION:CVE-2019-10078

HistoryMay 20, 2019 - 9:29 p.m.

Information disclosure

2019-05-2021:29:00

PRIOn knowledge base

www.prio-n.com

0.006 Low

EPSS

Percentile

79.1%

A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. Initial reporting indicated ReferredPagesPlugin, but further analysis showed that multiple plugins were vulnerable.

CPENameOperatorVersion
jspwikige2.9.0
jspwikile2.11.0
jspwikieq2.11.0
jspwikieq2.11.0 m1.rc3
jspwikieq2.11.0 m1
jspwikieq2.11.0
jspwikieq2.11.0 m2
jspwikieq2.11.0

References

www.openwall.com/lists/oss-security/2019/05/19/6

www.securityfocus.com/bid/108437

jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-10078

lists.apache.org/thread.html/24f324ef11e43ba89ec9aac3725a5ecd4289835639c476299e7660d9@%3Cdev.jspwiki.apache.org%3E

lists.apache.org/thread.html/959811b776e1a332a1a4295405b683fd64190d079a7c3028f1c314d7@%3Cdev.jspwiki.apache.org%3E

lists.apache.org/thread.html/aac253cfc33c0429b528e2fcbe82d3a42d742083c528f58d192dfd16@%3Ccommits.jspwiki.apache.org%3E

0.006 Low

EPSS

Percentile

79.1%

Related for PRION:CVE-2019-10078

ubuntucve1 cve1 veracode1 nvd1 osv2 cvelist1 github1 openvas1