Lucene search
Veracode Vulnerability DatabaseVERACODE:20307HistoryMay 22, 2019 - 3:00 p.m.
Cross-Site Scripting (XSS)
2019-05-2215:00:56
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
3
0.004 Low
EPSS
Percentile
75.1%
Apache JSPWiki is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject arbitrary Javascript into a victim’s browser via a malicious attachment via the AttachmentTab to steal session tokens or perform unwanted actions on behalf of the user.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache jspwiki main jar | le | 2.11.0.M3 | |
| apache jspwiki main war | le | 2.11.0.M3 |
Related
osv
osv
Cross-Site Scripting in JSPWiki
2019-06-06 15:29:22
CVE-2019-10076
2019-05-20 21:29:00
cve
cve
CVE-2019-10076
2019-05-20 21:29:00
nvd
nvd
CVE-2019-10076
2019-05-20 21:29:00
cvelist
cvelist
CVE-2019-10076
2019-05-20 20:31:41
prion
prion
Cross site scripting
2019-05-20 21:29:00
ubuntucve
ubuntucve
CVE-2019-10076
2019-05-20 00:00:00
github
github
Cross-Site Scripting in JSPWiki
2019-06-06 15:29:22
openvas
openvas
Apache JSPWiki < 2.11.0.M4 Multiple Vulnerabilities
2022-01-12 00:00:00