Lucene search
Veracode Vulnerability DatabaseVERACODE:36603HistoryAug 05, 2022 - 3:23 a.m.
Cross-site Scripting (XSS)
2022-08-0503:23:51
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
xss
jspwiki-main
weblogplugin
startday attribute
execute function
weblogplugin.java
software
EPSS
0.002
Percentile
56.1%
jspwiki-main is vulnerable to cross-site scripting. The vulnerability exists due to the lack of sanitization in the startDay attribute in the execute function of WeblogPlugin.java, allowing an attacker to inject and execute malicious javascript through the maliciously crafted WeblogPlugin request.
Related
nvd
nvd
CVE-2022-28732
2022-08-04 07:15:07
prion
prion
Cross site scripting
2022-08-04 07:15:00
cve
cve
CVE-2022-28732
2022-08-04 07:15:07
osv
osv
Apache JSPWiki XSS due to crafted request in WeblogPlugin
2022-08-05 00:00:30
CVE-2022-28732
2022-08-04 07:15:07
Apache JSPWiki CSRF due to crafted request on UserPreferences.jsp
2022-08-05 00:00:30
cvelist
cvelist
ubuntucve
ubuntucve
CVE-2022-28732
2022-08-04 00:00:00
cnvd
cnvd
Apache JSPWiki Cross-Site Scripting Vulnerability (CNVD-2022-83598)
2022-08-08 00:00:00
github
github
Apache JSPWiki XSS due to crafted request in WeblogPlugin
2022-08-05 00:00:30
openvas
openvas
Apache JSPWiki < 2.11.3 Multiple Vulnerabilities
2022-08-05 00:00:00