CVE-2019-12407
This CVE affects Apache JSPWiki up to version 2.11.0.M4. The vulnerability is an XSS flaw triggered by a crafted plugin link invocation related to the remember parameter on certain JSPs, allowing an attacker to execute JavaScript in a victim’s browser and access some sensitive information. The co...