2 matches found
org.apache.jspwiki.it:jspwiki-selenide-tests (>=2.11.0 <=2.11.2), org.apache.jspwiki:jspwiki-210-adapters (>=2.11.0 <=2.11.2) +5 more potentially affected by CVE-2022-28732 via org.apache.jspwiki:jspwiki-main (>=2.11.0 <=2.11.2)
org.apache.jspwiki:jspwiki-main MAVEN version =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.2 Source cves: CVE-2022-28732 Source advisory: OSV:GHSA-HPH8-29XW-QFXX...
CVE-2021-39354
The Easy Digital Downloads WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the $startdate and $enddate parameters found in the /includes/admin/payments/class-payments-table.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 2.11.2...