Lucene search
K

4 matches found

Circl
Circl
added 2021/11/24 2:26 p.m.5 views

CVE-2021-44140

creationtimestamp| type| source ---|---|--- 2021-11-24 14:26:46+00:00| seen| https://t.me/cibsecurity/32930 2024-01-28 06:33:25+00:00| seen| https://t.me/arpsyndicate/3235...

9.1CVSS7.8AI score0.06158EPSS
Exploits0References2
OSV
OSV
added 2021/11/24 12:15 p.m.21 views

CVE-2021-44140

Remote attackers may delete arbitrary files in a system hosting a JSPWiki instance, versions up to 2.11.0.M8, by using a carefuly crafted http request on logout, given that those files are reachable to the user running the JSPWiki instance. Apache JSPWiki users should upgrade to 2.11.0 or later...

9.1CVSS6.9AI score0.06158EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/11/24 11:15 a.m.24 views

CVE-2021-44140 Arbitrary file deletion on logout

Remote attackers may delete arbitrary files in a system hosting a JSPWiki instance, versions up to 2.11.0.M8, by using a carefuly crafted http request on logout, given that those files are reachable to the user running the JSPWiki instance. Apache JSPWiki users should upgrade to 2.11.0 or later...

9.4AI score0.06158EPSS
Exploits0References2
CVE
CVE
added 2021/11/24 11:15 a.m.95 views

CVE-2021-44140

CVE-2021-44140 affects Apache JSPWiki. A remote attacker can delete arbitrary files on a system hosting JSPWiki by sending a crafted HTTP request during logout, if those files are reachable by the user running JSPWiki. Affected software versions include up to 2.11.0.M8, with a recommended fix: up...

9.1CVSS9.2AI score0.06158EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder