Lucene search
Veracode Vulnerability DatabaseVERACODE:20299HistoryMay 21, 2019 - 2:27 a.m.
Cross-Site Scripting (XSS)
2019-05-2102:27:17
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
0.006 Low
EPSS
Percentile
79.1%
Apache JSPWiki is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject arbitrary Javascript into a victim’s browser via the ReferredPagesPlugin and navigation breadcrumbs, to steal session tokens or perform unwanted actions on behalf of the user.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache jspwiki main war | le | 2.11.0.M3 | |
| apache jspwiki main jar | le | 2.11.0.M3 |
Related
ubuntucve
ubuntucve
CVE-2019-10078
2019-05-20 00:00:00
cve
cve
CVE-2019-10078
2019-05-20 21:29:00
prion
prion
Information disclosure
2019-05-20 21:29:00
nvd
nvd
CVE-2019-10078
2019-05-20 21:29:00
osv
osv
Cross-site Scriptin in JSPWiki
2019-06-06 15:29:29
CVE-2019-10078
2019-05-20 21:29:00
cvelist
cvelist
CVE-2019-10078
2019-05-20 20:50:54
github
github
Cross-site Scriptin in JSPWiki
2019-06-06 15:29:29
openvas
openvas
Apache JSPWiki < 2.11.0.M4 Multiple Vulnerabilities
2022-01-12 00:00:00