CVE-2019-10077

Severity

6.1MEDIUM

EPSS

3.1%

top 13.13%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedMay 20

Latest updateJun 6

Description

A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.

CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

▶NVDapache/jspwiki2.9.0 — 2.11.0+1

▶CVEListV5apache_software_foundation/apache_jspwikiApache JSPWiki 2.9.0 to 2.11.0.M3

GHSA

Cross-site Scripting in JSPWiki↗2019-06-06

▶

OSV

Cross-site Scripting in JSPWiki↗2019-06-06

▶

CVEList

CVE-2019-10077: A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki 2↗2019-05-20

▶