21 matches found
CVE-2022-28730
A carefully crafted request on AJAXPreview.jsp could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. This vulnerability leverages CVE-2021-40369, where the Denounce...
Apache JSPWiki Cross-Site Scripting Vulnerability (CNVD-2022-83597)
Apache JSPWiki is an open source WikiWiki engine built on Java, Servlet and JSP from the Apache Foundation USA.A security vulnerability exists in versions prior to Apache JSPWiki 2.11.3, which stems from a carefully crafted request on AJAXPreview.jsp that could trigger an XSS vulnerability.This...
Apache JSPWiki XSS due to incomplete patch for CVE-2021-40369
A carefully crafted request on AJAXPreview.jsp could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. This vulnerability leverages CVE-2021-40369, where the Denounce...
GHSA-GGJQ-8C4C-68R5 Apache JSPWiki XSS due to incomplete patch for CVE-2021-40369
A carefully crafted request on AJAXPreview.jsp could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. This vulnerability leverages CVE-2021-40369, where the Denounce...
CVE-2022-28730
A carefully crafted request on AJAXPreview.jsp could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. This vulnerability leverages CVE-2021-40369, where the Denounce...
CVE-2022-28730
A carefully crafted request on AJAXPreview.jsp could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. This vulnerability leverages CVE-2021-40369, where the Denounce...
CVE-2022-28730
A carefully crafted request on AJAXPreview.jsp could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. This vulnerability leverages CVE-2021-40369, where the Denounce...
CVE-2022-28730
A carefully crafted request on AJAXPreview.jsp could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. This vulnerability leverages CVE-2021-40369, where the Denounce...
CVE-2022-28730
CVE-2022-28730 describes an XSS in Apache JSPWiki triggered by a crafted request on AJAXPreview.jsp, enabling execution of arbitrary JavaScript in the victim’s browser and exposure of sensitive information. The issue builds on CVE-2021-40369, where the Denounce plugin incorrectly renders user-sup...
PT-2022-19198 · Apache · Apache Jspwiki
Name of the Vulnerable Software and Affected Versions: Apache JSPWiki versions prior to 2.11.3 Description: A carefully crafted request on "AJAXPreview.jsp" could trigger an issue that allows an attacker to execute javascript in the victim's browser and obtain sensitive information. This issue...
Apache JSPWiki 跨站脚本漏洞
Apache JSPWiki is a U.S. Apache Apache Foundation , an open source WikiWiki engine built on Java, Servlet and JSP . A security vulnerability exists in Apache JSPWiki versions prior to 2.11.3, which stems from an XSS vulnerability that can be triggered by a crafted request on AJAXPreview.jsp. This...
Apache JSPWiki Cross-site Scripting due to carefully crafted plugin link invocation
A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the Denounce plugin, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to...
GHSA-CFQJ-9G2G-W7Q6 Apache JSPWiki Cross-site Scripting due to carefully crafted plugin link invocation
A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the Denounce plugin, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to...
Apache JSPWiki Cross-Site Scripting Vulnerability (CNVD-2021-92465)
Apache JSPWiki is an open source WikiWiki engine built on Java, Servlet, and JSP from the Apache Foundation.A security vulnerability exists in Apache JSPWiki, which stems from a well-designed plugin link call that could trigger an XSS vulnerability in Apache JSPWiki related to Denounce...
CVE-2021-40369
A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the Denounce plugin, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to...
Information disclosure
A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the Denounce plugin, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to...
EUVD-2021-2503
A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the Denounce plugin, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to...
CVE-2021-40369 XSS vulnerability on Denounce plugin
A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the Denounce plugin, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to...
Apache JSPWiki 跨站脚本漏洞
Apache JSPWiki is an open source WikiWiki engine built on Java, Servlet, and JSP from the Apache Foundation.A security vulnerability exists in Apache JSPWiki, which stems from a well-designed plugin link call that could trigger an XSS vulnerability in Apache JSPWiki related to Denounce...
CVE-2021-40369
A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the Denounce plugin, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to...