Privilege Escalation

jspwiki-api is vulnerable to privilege escalation. Unauthorized filed deletions can be performed on logout hosting a JSPWiki instance which allows a remote attacker to send crafted http requests and delete arbitrary files...