Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-28732: JSPWiki: CVE-2022-28732Cve=title

A carefully crafted request on WeblogPlugin could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim’s browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.11.3 or later.

CVE
Open in Source
#xss#vulnerability#web#apache#js#java

About cookies on this site#

This site uses cookie technology to store your user preferences to provide a more personalized browsing experience. No data will be shared by this site with 3rd parties. For more information on the cookies we use and how you can manage your cookie settings, please go to our Cookies Policy.

Ok, understood. Learn more …

Related news

GHSA-hph8-29xw-qfxx: Apache JSPWiki XSS due to crafted request in WeblogPlugin

A carefully crafted request on WeblogPlugin could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.11.3 or later.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE