Lucene search
Veracode Vulnerability DatabaseVERACODE:36609HistoryAug 05, 2022 - 7:24 a.m.
Cross-site Scripting (XSS)
2022-08-0507:24:47
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
cross-site scripting
vulnerability
execute function
denounce.java
uris
attacker
sensitive information
software
EPSS
0.002
Percentile
56.1%
org.apache.jspwiki:jspwiki is vulnerable to cross-site scripting. The vulnerability exists in execute function in Denounce.java because the Denounce’s link parameter URIs are not properly validated which allows an attacker to inject and execute a specifically crafted link parameter to gain access to sensitive information.
Related
cvelist
cvelist
ubuntucve
ubuntucve
CVE-2022-28730
2022-08-04 00:00:00
cnvd
cnvd
Apache JSPWiki Cross-Site Scripting Vulnerability (CNVD-2022-83597)
2022-08-08 00:00:00
github
github
Apache JSPWiki XSS due to incomplete patch for CVE-2021-40369
2022-08-05 00:00:30
prion
prion
Design/Logic Flaw
2022-08-04 07:15:00
nvd
nvd
CVE-2022-28730
2022-08-04 07:15:07
cve
cve
CVE-2022-28730
2022-08-04 07:15:07
osv
osv
CVE-2022-28730
2022-08-04 07:15:07
Apache JSPWiki XSS due to incomplete patch for CVE-2021-40369
2022-08-05 00:00:30
openvas
openvas
Apache JSPWiki < 2.11.3 Multiple Vulnerabilities
2022-08-05 00:00:00