EUVD-2019-0416

Malware in sbrugna...

CVE-2025-24853

CVE-2025-24853 affects Apache JSPWiki. The issue is a Cross-Site Scripting (XSS) vulnerability in header link processing, caused by unsafely handling header links created via wiki markup (and, per later research, the markdown parser). When exploited, an attacker could cause JavaScript execution i...

PT-2025-31493 · Apache · Apache Jspwiki

Name of the Vulnerable Software and Affected Versions: Apache JSPWiki versions prior to 2.12.3 Description: A crafted request during header link creation using wiki markup syntax can allow an attacker to execute JavaScript in the victim’s browser, potentially obtaining sensitive information...

CVE-2019-10090

On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the plain editor, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victi...

CVE-2022-46907

A carefully crafted request on several JSPWiki plugins could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.12.0 or later...