11 matches found
CVE-2022-28732
A carefully crafted request on WeblogPlugin could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.11.3 or later...
Apache JSPWiki Cross-Site Scripting Vulnerability (CNVD-2022-83598)
Apache JSPWiki is an open source WikiWiki engine built on Java, Servlet and JSP from the Apache Foundation. security vulnerability exists in versions prior to Apache JSPWiki 2.11.3, which stems from a carefully crafted request on the WeblogPlugin that could trigger an XSS vulnerability, which cou...
Cross-site Scripting (XSS)
jspwiki-main is vulnerable to Cross-site Scripting XSS. The vulnerability exists due to the lack of sanitization in the startDay attribute in the execute function of WeblogPlugin.java, allowing an attacker to inject and execute malicious javascript through the maliciously crafted WeblogPlugin...
Apache JSPWiki XSS due to crafted request in WeblogPlugin
A carefully crafted request on WeblogPlugin could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.11.3 or later...
CVE-2022-28732
A carefully crafted request on WeblogPlugin could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.11.3 or later...
CVE-2022-28732
A carefully crafted request on WeblogPlugin could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.11.3 or later...
CVE-2022-28732
A carefully crafted request on WeblogPlugin could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.11.3 or later...
Cross site scripting
A carefully crafted request on WeblogPlugin could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.11.3 or later...
CVE-2022-28732 Apache JSPWiki Cross-site scripting vulnerability on WeblogPlugin
A carefully crafted request on WeblogPlugin could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.11.3 or later...
CVE-2022-28732
Apache JSPWiki 2.x is affected by a cross-site scripting (XSS) vulnerability triggered by a crafted request on WeblogPlugin (and related vectors like XHRHtml2Markup.jsp) that could allow an attacker to execute JavaScript in a victim’s browser and access sensitive information. The CVE-2022-28732 e...
Apache JSPWiki 跨站脚本漏洞
Apache JSPWiki is an open source WikiWiki engine built on Java, Servlet and JSP from the Apache Foundation. security vulnerability exists in versions prior to Apache JSPWiki 2.11.3, which stems from a carefully crafted request on the WeblogPlugin that could trigger an XSS vulnerability, which cou...