pkg:maven/org.dspace/dspace-jspui

Type maven

Namespace org.dspace

Name dspace-jspui

Known advisories, vulnerabilities and fixes for org.dspace/dspace-jspui package.

Repository: https://mvnrepository.com/artifact/org.dspace/dspace-jspui

High 4

Moderate 1

Type	Version	Distribution	# CVEs	# Advisory ID	Title	Severity	Published
Affected	>= 6.0, < 6.4 >= 5.0, < 5.11		CVE-2022-31192	MAVEN:GHSA-4WM8-C2VV-XRPQ	JSPUI Possible Cross Site Scripting in "Request a Copy" Feature	high	2022-08-06T05:46:27 (2 years ago)
Fixed	= 6.4 = 5.11		CVE-2022-31192	MAVEN:GHSA-4WM8-C2VV-XRPQ	JSPUI Possible Cross Site Scripting in "Request a Copy" Feature	high	2022-08-06T05:46:27 (2 years ago)
Affected	>= 6.0, < 6.4 >= 4.0, < 5.11		CVE-2022-31193	MAVEN:GHSA-763J-Q7WV-VF3M	JSPUI's controlled vocabulary feature vulnerable to Open Redirect before v6.4 and v5.11	high	2022-08-06T05:46:49 (2 years ago)
Fixed	= 6.4 = 5.11		CVE-2022-31193	MAVEN:GHSA-763J-Q7WV-VF3M	JSPUI's controlled vocabulary feature vulnerable to Open Redirect before v6.4 and v5.11	high	2022-08-06T05:46:49 (2 years ago)
Affected	>= 4.0, <= 6.3		CVE-2022-31189	MAVEN:GHSA-C2J7-66M3-R4FF	JSPUI's "Internal System Error" page prints exceptions and stack traces without sanitization	moderate	2022-08-06T05:39:46 (2 years ago)
Fixed	= 6.4		CVE-2022-31189	MAVEN:GHSA-C2J7-66M3-R4FF	JSPUI's "Internal System Error" page prints exceptions and stack traces without sanitization	moderate	2022-08-06T05:39:46 (2 years ago)
Affected	>= 6.0, < 6.4 >= 4.0, < 5.11		CVE-2022-31191	MAVEN:GHSA-C558-5GFM-P2R8	JSPUI spellcheck and autocomplete tools vulnerable to Cross Site Scripting	high	2022-08-06T05:46:14 (2 years ago)
Fixed	= 6.4 = 5.11		CVE-2022-31191	MAVEN:GHSA-C558-5GFM-P2R8	JSPUI spellcheck and autocomplete tools vulnerable to Cross Site Scripting	high	2022-08-06T05:46:14 (2 years ago)
Affected	>= 6.0, < 6.4 >= 4.0, < 5.11		CVE-2022-31194	MAVEN:GHSA-QP5M-C3M9-8Q2P	JSPUI vulnerable to path traversal in submission (resumable) upload	high	2022-08-06T05:47:04 (2 years ago)
Fixed	= 6.4 = 5.11		CVE-2022-31194	MAVEN:GHSA-QP5M-C3M9-8Q2P	JSPUI vulnerable to path traversal in submission (resumable) upload	high	2022-08-06T05:47:04 (2 years ago)