You are viewing a plain text version of this content. The canonical link for it is here.

Posted to announce@apache.org by Juan Pablo Santos Rodríguez <ju...@apache.org> on 2022/08/03 20:45:35 UTC

CVE-2022-27166: Apache JSPWiki: XSS vulnerability on XHRHtml2Markup.jsp in JSPWiki 2.11.2

Severity: moderate

Description:

A carefully crafted request on XHRHtml2Markup.jsp could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim

Credit:

Issue was discovered by Salt, <saltnekoko AT gmail DOT com>

References:

https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2022-28732

Re: CVE-2022-27166: Apache JSPWiki: XSS vulnerability on XHRHtml2Markup.jsp in JSPWiki 2.11.2

Posted by Juan Pablo Santos Rodríguez <ju...@gmail.com>.

On Wed, Aug 3, 2022 at 10:45 PM Juan Pablo Santos Rodríguez
<ju...@apache.org> wrote:
>
> Severity: moderate
>
> Description:
>
> A carefully crafted request on XHRHtml2Markup.jsp could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim
>
> Credit:
>
> Issue was discovered by Salt, <saltnekoko AT gmail DOT com>
>
> References:
>
> https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2022-28732
>