CVE-2019-10076

Summary

A carefully crafted malicious attachment could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache JSPWikiApache JSPWiki 2.9.0 to 2.11.0.M3affected

Weaknesses

  • Cross-site scripting vulnerability

ADP Enrichment

CVE Program Container

Additional References

References