EPSS
Percentile
75.7%
jspwiki-api is vulnerable to privilege escalation. Unauthorized filed deletions can be performed on logout hosting a JSPWiki instance which allows a remote attacker to send crafted http requests and delete arbitrary files.
github.com/apache/jspwiki/commit/800196dc239553ee2ea8f71754f8ee3f85bcf70f
github.com/apache/jspwiki/pull/47
jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2021-44140
lists.apache.org/thread/5qglpjdhvobppx7j550lf1sk28f6011t