Known Vulnerabilities for Jspwiki by Apache
Listed below are 10 of the newest known vulnerabilities associated with "Jspwiki" by "Apache".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-24948 | A carefully crafted user preferences for submission could trigger an XSS vulnerability on Apache JSPWiki, related to the user... | 6.1 - MEDIUM | 2022-02-25 | 2022-03-04 |
| CVE-2022-24947 | Apache JSPWiki user preferences form is vulnerable to CSRF attacks, which can lead to account takeover. Apache JSPWiki users ... | 8.8 - HIGH | 2022-02-25 | 2022-03-04 |
| CVE-2021-40369 | A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the Denounce plug... | 6.1 - MEDIUM | 2021-11-24 | 2022-11-09 |
| CVE-2019-10089 | On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on ... | 6.1 - MEDIUM | 2019-09-23 | 2019-09-23 |
| CVE-2019-10087 | On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on ... | 6.1 - MEDIUM | 2019-09-23 | 2019-09-23 |
| CVE-2019-10078 | A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which cou... | 6.1 - MEDIUM | 2019-05-20 | 2023-11-07 |
| CVE-2019-10077 | A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead ... | 6.1 - MEDIUM | 2019-05-20 | 2023-11-07 |
| CVE-2019-10076 | A carefully crafted malicious attachment could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could... | 6.1 - MEDIUM | 2019-05-20 | 2023-11-07 |
| CVE-2019-0225 | A specially crafted url could be used to access files under the ROOT directory of the application on Apache JSPWiki 2.9.0 to ... | 7.5 - HIGH | 2019-03-28 | 2023-11-07 |
| CVE-2019-0224 | In Apache JSPWiki 2.9.0 to 2.11.0.M2, a carefully crafted URL could execute javascript on another user's session. No informat... | 6.1 - MEDIUM | 2019-03-28 | 2023-11-07 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Apache | Jspwiki | 2.9.1 | incubating_rc1 | All | All |
| Application | Apache | Jspwiki | 2.9.1 | incubating_rc2 | All | All |
| Application | Apache | Jspwiki | 2.9.0 | incubating | All | All |
| Application | Apache | Jspwiki | 2.9.0 | incubating_rc2 | All | All |
| Application | Apache | Jspwiki | 2.9.0 | incubating_rc3 | All | All |
| Application | Apache | Jspwiki | 2.9.0 | incubating_rc4 | All | All |
| Application | Apache | Jspwiki | 2.9.0 | rc1 | All | All |
| Application | Apache | Jspwiki | 2.8.4 | All | All | All |
| Application | Apache | Jspwiki | 2.8.3 | All | All | All |
| Application | Apache | Jspwiki | 2.8.2 | All | All | All |
| Application | Apache | Jspwiki | 2.8.1 | All | All | All |
| Application | Apache | Jspwiki | 2.8.0 | - | All | All |
| Application | Apache | Jspwiki | 2.8.0 | alpha1 | All | All |
| Application | Apache | Jspwiki | 2.8.0 | beta1 | All | All |
| Application | Apache | Jspwiki | 2.6.4 | All | All | All |
| Application | Apache | Jspwiki | 2.6.3 | All | All | All |
| Application | Apache | Jspwiki | 2.6.2 | All | All | All |
| Application | Apache | Jspwiki | 2.6.1 | All | All | All |
| Application | Apache | Jspwiki | 2.6.0 | - | All | All |
| Application | Apache | Jspwiki | 2.6.0 | rc1 | All | All |