3 matches found
org.apache.jspwiki.it:jspwiki-selenide-tests (>=2.11.0 <=2.11.2), org.apache.jspwiki:jspwiki-210-adapters (>=2.11.0 <=2.11.2) +5 more potentially affected by CVE-2022-34158 via org.apache.jspwiki:jspwiki-main (>=2.11.0 <=2.11.2)
org.apache.jspwiki:jspwiki-main MAVEN version =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.2 Source cves: CVE-2022-34158 Source advisory: OSV:GHSA-JP3M-P26H-MM7V...
CVE-2022-34158
A carefully crafted invocation on the Image plugin could trigger an CSRF vulnerability on Apache JSPWiki before 2.11.3, which could allow a group privilege escalation of the attacker's account. Further examination of this issue established that it could also be used to modify the email associated...
CVE-2022-34158
CVE-2022-34158 affects Apache JSPWiki prior to 2.11.3, where a crafted invocation on the Image plugin can trigger a CSRF vulnerability. This could allow group privilege escalation of the attacker’s account and, per the description, could also be used to modify the attacked account’s email and the...