Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2019-10078

Опубликовано: 20 мая 2019
Источник: debian
EPSS Низкий

Описание

A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. Initial reporting indicated ReferredPagesPlugin, but further analysis showed that multiple plugins were vulnerable.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
jspwikiremovedpackage

EPSS

Процентиль: 87%
0.03225
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2019-10078

CVSS3: 6.1
ubuntu
больше 6 лет назад

A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. Initial reporting indicated ReferredPagesPlugin, but further analysis showed that multiple plugins were vulnerable.

nvd логотип

CVE-2019-10078

CVSS3: 6.1
nvd
больше 6 лет назад

A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. Initial reporting indicated ReferredPagesPlugin, but further analysis showed that multiple plugins were vulnerable.

github логотип

GHSA-hp5r-mhgp-56c9

CVSS3: 6.1
github
больше 6 лет назад

Cross-site Scriptin in JSPWiki

EPSS

Процентиль: 87%
0.03225
Низкий