2 matches found
org.apache.jspwiki.it:jspwiki-selenide-tests (>=2.11.0 <=2.11.1), org.apache.jspwiki:jspwiki-210-adapters (>=2.11.0 <=2.11.1) +5 more potentially affected by CVE-2022-24947 via org.apache.jspwiki:jspwiki-main (>=2.11.0 <=2.11.1)
org.apache.jspwiki:jspwiki-main MAVEN version =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.1 Source cves: CVE-2022-24947 Source advisory: OSV:GHSA-4284-X26R-4HHC...
CVE-2022-24947
CVE-2022-24947 affects Apache JSPWiki (versions prior to 2.11.2) via a CSRF vulnerability in the user preferences form, which can lead to account takeover. The issue is confirmed across multiple sources in the connected documents, and remediation is to upgrade to 2.11.2 or later. No exploit detai...