Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-fmpq-w5q6-9vf9

Опубликовано: 02 апр. 2019
Источник: github
Github: Прошло ревью
CVSS3: 6.1

Описание

Moderate severity vulnerability that affects org.apache.jspwiki:jspwiki-main

In Apache JSPWiki 2.9.0 to 2.11.0.M2, a carefully crafted URL could execute javascript on another user's session. No information could be saved on the server or jspwiki database, nor would an attacker be able to execute js on someone else's browser; only on its own browser.

Ссылки

Пакеты

Наименование

org.apache.jspwiki:jspwiki-main

maven
Затронутые версииВерсия исправления

>= 2.9.0, <= 2.11.0.M2

2.11.0.M3

EPSS

Процентиль: 85%
0.025
Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2019-0224

Дефекты

CWE-79

Связанные уязвимости

ubuntu логотип

CVE-2019-0224

CVSS3: 6.1
ubuntu
почти 7 лет назад

In Apache JSPWiki 2.9.0 to 2.11.0.M2, a carefully crafted URL could execute javascript on another user's session. No information could be saved on the server or jspwiki database, nor would an attacker be able to execute js on someone else's browser; only on its own browser.

nvd логотип

CVE-2019-0224

CVSS3: 6.1
nvd
почти 7 лет назад

In Apache JSPWiki 2.9.0 to 2.11.0.M2, a carefully crafted URL could execute javascript on another user's session. No information could be saved on the server or jspwiki database, nor would an attacker be able to execute js on someone else's browser; only on its own browser.

debian логотип

CVE-2019-0224

CVSS3: 6.1
debian
почти 7 лет назад

In Apache JSPWiki 2.9.0 to 2.11.0.M2, a carefully crafted URL could ex ...

EPSS

Процентиль: 85%
0.025
Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2019-0224

Дефекты

CWE-79