oss-sec mailing list archives
[CVE-2019-10077] Apache JSPWiki Cross-site scripting vulnerability
From: Juan Pablo Santos Rodríguez <juanpablo () apache org>
Date: Sun, 19 May 2019 18:05:36 +0200
[CVEID]:CVE-2019-10077 [PRODUCT]:Apache JSPWiki [VERSION]:Apache JSPWiki 2.9.0 to 2.11.0.M3 [PROBLEMTYPE]:Cross-site scripting vulnerability [REFERENCES]:https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-10077 [DESCRIPTION]:A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki, which could lead to session hijacking.
Current thread:
- [CVE-2019-10077] Apache JSPWiki Cross-site scripting vulnerability Juan Pablo Santos Rodríguez (May 19)