Lucene search
+L

9 matches found

redhatcve
redhatcve
added 2025/08/02 8:23 p.m.54 views

CVE-2025-24853

A carefully crafted request when creating a header link using the wiki markup syntax, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Further research by the JSPWiki team showed that the markdown parser allowed this...

7.5CVSS6AI score0.00525EPSS
Exploits0References1
vulnersosv
vulnersosv
added 2025/07/31 9:32 a.m.7 views

org.apache.jspwiki.it:jspwiki-selenide-tests (>=2.11.0 <=2.12.2), org.apache.jspwiki:jspwiki-210-adapters (>=2.11.0 <=2.12.2) +5 more potentially affected by CVE-2025-24853 via org.apache.jspwiki:jspwiki-main (>=2.11.0 <=2.12.2)

org.apache.jspwiki:jspwiki-main MAVEN version =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.12.2 Source cves: CVE-2025-24853 Source advisory: OSV:GHSA-RRFF-CHJ9-W4C7...

7.5CVSS5.8AI score0.00525EPSS
Exploits0
nvd
nvd
added 2025/07/31 9:15 a.m.9 views

CVE-2025-24853

A carefully crafted request when creating a header link using the wiki markup syntax, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Further research by the JSPWiki team showed that the markdown parser allowed this...

7.5CVSS0.00525EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2025/07/31 9:15 a.m.4 views

CVE-2025-24853

A carefully crafted request when creating a header link using the wiki markup syntax, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Further research by the JSPWiki team showed that the markdown parser allowed this...

7.5CVSS5.9AI score0.00525EPSS
Exploits0References2
cve
cve
added 2025/07/31 8:42 a.m.32 views

CVE-2025-24853

CVE-2025-24853 affects Apache JSPWiki. The issue is a Cross-Site Scripting (XSS) vulnerability in header link processing, caused by unsafely handling header links created via wiki markup (and, per later research, the markdown parser). When exploited, an attacker could cause JavaScript execution i...

7.5CVSS6.3AI score0.00525EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2025/07/31 8:42 a.m.5 views

CVE-2025-24853 Apache JSPWiki: Cross-Site Scripting (XSS) in JSPWiki Header Link processing

A carefully crafted request when creating a header link using the wiki markup syntax, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Further research by the JSPWiki team showed that the markdown parser allowed this...

6.1AI score0.00525EPSS
Exploits0References1
osv
osv
added 2025/07/31 8:42 a.m.6 views

CVE-2025-24853 Apache JSPWiki: Cross-Site Scripting (XSS) in JSPWiki Header Link processing

A carefully crafted request when creating a header link using the wiki markup syntax, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Further research by the JSPWiki team showed that the markdown parser allowed this...

7.5CVSS6AI score0.00525EPSS
Exploits0References4
cvelist
cvelist
added 2025/07/31 8:42 a.m.12 views

CVE-2025-24853 Apache JSPWiki: Cross-Site Scripting (XSS) in JSPWiki Header Link processing

A carefully crafted request when creating a header link using the wiki markup syntax, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Further research by the JSPWiki team showed that the markdown parser allowed this...

0.00525EPSS
Exploits0References1
circl
circl
added 2025/07/30 4:52 p.m.25 views

CVE-2025-24853

creationtimestamp| type| source ---|---|--- 2025-07-30 16:52:21+00:00| seen| https://seclists.org/oss-sec/2025/q3/66 2025-07-30 19:17:32+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lv7dkab3e72u 2025-07-31 10:56:17+00:00| seen|...

7.5CVSS6.6AI score0.00525EPSS
Exploits0References3
Rows per page
Query Builder