CVE-2019-10089
CVSS v3.1
6.1 (Medium)
CVSS v2.0
4.3 (Medium)
EPSS
0.19 % (56th)
Affected Products
1
Advisories
1
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the WYSIWYG editor, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim.
Weaknesses
- CWE-79
- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- CVE Status
- PUBLISHED
- CNA
- Apache Software Foundation
- Published Date
-
2019-09-23 15:15:10
(5 years ago) - Updated Date
-
2019-09-23 19:25:00
(5 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...