Количество 5
Количество 5
CVE-2021-44140
Remote attackers may delete arbitrary files in a system hosting a JSPWiki instance, versions up to 2.11.0.M8, by using a carefuly crafted http request on logout, given that those files are reachable to the user running the JSPWiki instance. Apache JSPWiki users should upgrade to 2.11.0 or later.
CVE-2021-44140
Remote attackers may delete arbitrary files in a system hosting a JSPWiki instance, versions up to 2.11.0.M8, by using a carefuly crafted http request on logout, given that those files are reachable to the user running the JSPWiki instance. Apache JSPWiki users should upgrade to 2.11.0 or later.
CVE-2021-44140
Remote attackers may delete arbitrary files in a system hosting a JSPW ...
GHSA-8gw6-w5rw-4g5c
Incorrect Default Permissions in Apache JSPWiki
BDU:2022-00470
Уязвимость программного обеспечения на основе JSP технологий Apache JSPWiki, связанная с недостатками разграничения доступа, позволяющая нарушителю удалить произвольные файлы
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-44140 Remote attackers may delete arbitrary files in a system hosting a JSPWiki instance, versions up to 2.11.0.M8, by using a carefuly crafted http request on logout, given that those files are reachable to the user running the JSPWiki instance. Apache JSPWiki users should upgrade to 2.11.0 or later. | CVSS3: 9.1 | 6% Низкий | около 4 лет назад |
 | CVE-2021-44140 Remote attackers may delete arbitrary files in a system hosting a JSPWiki instance, versions up to 2.11.0.M8, by using a carefuly crafted http request on logout, given that those files are reachable to the user running the JSPWiki instance. Apache JSPWiki users should upgrade to 2.11.0 or later. | CVSS3: 9.1 | 6% Низкий | около 4 лет назад |
| CVE-2021-44140 Remote attackers may delete arbitrary files in a system hosting a JSPW ... | CVSS3: 9.1 | 6% Низкий | около 4 лет назад |
| GHSA-8gw6-w5rw-4g5c Incorrect Default Permissions in Apache JSPWiki | CVSS3: 9.1 | 6% Низкий | около 4 лет назад |
 | BDU:2022-00470 Уязвимость программного обеспечения на основе JSP технологий Apache JSPWiki, связанная с недостатками разграничения доступа, позволяющая нарушителю удалить произвольные файлы | CVSS3: 9.1 | 6% Низкий | около 4 лет назад |
Уязвимостей на страницу