Lucene search
Veracode Vulnerability DatabaseVERACODE:34429HistoryFeb 28, 2022 - 6:59 a.m.
Cross-site Request Forgery (CSRF)
2022-02-2806:59:34
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.001 Low
EPSS
Percentile
39.5%
Apache JSPWiki is vulnerable to cross-site request forgery. A lack of secure password management to validate password change flow causes a vulnerability in user preferences form, allowing an attacker to trigger CSRF attacks which may lead to account takeover.
| CPE | Name | Operator | Version |
|---|---|---|---|
| apache jspwiki main jar | le | 2.11.1 | |
| apache jspwiki main jar | le | 2.11.1 |
Related
github
github
Cross Site Request Forgery in Apache JSPWiki
2022-02-26 00:00:44
cnvd
cnvd
Apache JSPWiki Cross-Site Request Forgery Vulnerability
2022-03-01 00:00:00
prion
prion
Cross site request forgery (csrf)
2022-02-25 09:15:00
cve
cve
CVE-2022-24947
2022-02-25 09:15:07
nvd
nvd
CVE-2022-24947
2022-02-25 09:15:07
ubuntucve
ubuntucve
CVE-2022-24947
2022-02-25 00:00:00
osv
osv
Cross Site Request Forgery in Apache JSPWiki
2022-02-26 00:00:44
CVE-2022-24947
2022-02-25 09:15:07
cvelist
cvelist
CVE-2022-24947 Apache JSPWiki CSRF Account Takeover
2022-02-25 08:30:18
openvas
openvas
Apache JSPWiki < 2.11.2 Multiple Vulnerabilities
2022-02-25 00:00:00