CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

Github Security Blog•added 2022/08/05 12:0 a.m.•20 views

Apache JSPWiki XSS due to incomplete patch for CVE-2021-40369

A carefully crafted request on AJAXPreview.jsp could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. This vulnerability leverages CVE-2021-40369, where the Denounce...

6.1CVSS5.8AI score0.11342EPSS

Exploits0References3Affected Software1

OSV•added 2022/08/05 12:0 a.m.•0 views

GHSA-GGJQ-8C4C-68R5 Apache JSPWiki XSS due to incomplete patch for CVE-2021-40369

6.1CVSS6AI score0.11342EPSS

Exploits0References3

NVD•added 2022/08/04 7:15 a.m.•16 views

CVE-2022-28730

6.1CVSS0.11342EPSS

Exploits0References1

UbuntuCve•added 2022/08/04 7:15 a.m.•39 views

CVE-2022-28730

6.1CVSS6.3AI score0.11342EPSS

Exploits0References3

Prion•added 2022/08/04 7:15 a.m.•15 views

Design/Logic Flaw

5.8CVSS5.9AI score0.11342EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/08/04 6:15 a.m.•15 views

CVE-2022-28730 Apache JSPWiki Cross-site scripting vulnerability on AJAXPreview.jsp

6.5AI score0.11342EPSS

Exploits0References1

CVE•added 2022/08/04 6:15 a.m.•92 views

CVE-2022-28730

CVE-2022-28730 describes an XSS in Apache JSPWiki triggered by a crafted request on AJAXPreview.jsp, enabling execution of arbitrary JavaScript in the victim’s browser and exposure of sensitive information. The issue builds on CVE-2021-40369, where the Denounce plugin incorrectly renders user-sup...

6.1CVSS6AI score0.11342EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by