3 matches found
CVE-2019-10078
A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. Initial reporting indicated ReferredPagesPlugin, but further analysis showed that multiple plugins were vulnerable...
Apache JSPWiki < 2.11.0.M4 Multiple Vulnerabilities
Apache JSPWiki is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2019-10078
CVE-2019-10078 affects Apache JSPWiki (versions 2.9.0 through 2.11.0.M3). A carefully crafted plugin link invocation can trigger a cross-site scripting (XSS) vulnerability, leading to possible session hijacking. Multiple plugins were implicated, not just ReferredPagesPlugin, according to initial ...