CVE-2019-10076
N/A
N/A
Summary
A carefully crafted malicious attachment could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Apache Software Foundation | Apache JSPWiki | Apache JSPWiki 2.9.0 to 2.11.0.M3 | affected |
Weaknesses
- Cross-site scripting vulnerability
ADP Enrichment
CVE Program Container
Additional References
- https://lists.apache.org/thread.html/aac253cfc33c0429b528e2fcbe82d3a42d742083c528f58d192dfd16%40%3Ccommits.jspwiki.apache.org%3E
- http://www.openwall.com/lists/oss-security/2019/05/19/4
- https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-10076
- http://www.securityfocus.com/bid/108437
References
- https://lists.apache.org/thread.html/aac253cfc33c0429b528e2fcbe82d3a42d742083c528f58d192dfd16%40%3Ccommits.jspwiki.apache.org%3E
- http://www.openwall.com/lists/oss-security/2019/05/19/4
- https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-10076
- http://www.securityfocus.com/bid/108437
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.