4 matches found
CVE-2021-44140
creationtimestamp| type| source ---|---|--- 2021-11-24 14:26:46+00:00| seen| https://t.me/cibsecurity/32930 2024-01-28 06:33:25+00:00| seen| https://t.me/arpsyndicate/3235...
CVE-2021-44140
Remote attackers may delete arbitrary files in a system hosting a JSPWiki instance, versions up to 2.11.0.M8, by using a carefuly crafted http request on logout, given that those files are reachable to the user running the JSPWiki instance. Apache JSPWiki users should upgrade to 2.11.0 or later...
CVE-2021-44140 Arbitrary file deletion on logout
Remote attackers may delete arbitrary files in a system hosting a JSPWiki instance, versions up to 2.11.0.M8, by using a carefuly crafted http request on logout, given that those files are reachable to the user running the JSPWiki instance. Apache JSPWiki users should upgrade to 2.11.0 or later...
CVE-2021-44140
CVE-2021-44140 affects Apache JSPWiki. A remote attacker can delete arbitrary files on a system hosting JSPWiki by sending a crafted HTTP request during logout, if those files are reachable by the user running JSPWiki. Affected software versions include up to 2.11.0.M8, with a recommended fix: up...