CVE-2019-10077

Summary

A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.

Affected Software

VendorProductVersion RangeStatus
Apache Software FoundationApache JSPWikiApache JSPWiki 2.9.0 to 2.11.0.M3affected

Weaknesses

  • Cross-site scripting vulnerability

ADP Enrichment

CVE Program Container

Additional References

References