Apache Software Foundation Apache Roller vulnerabilities

CVE-2025-24859 [LOW] CWE-613 CVE-2025-24859: A session management vulnerability exists in Apache Roller before version 6.1.5 where active user se A session management vulnerability exists in Apache Roller before version 6.1.5 where active user sessions are not properly invalidated after password changes. When a user's password is changed, either by the user themselves or by an administrator, existing sessions remain active and usable. This allows continued access to the application through old s

CVE-2024-46911 [MEDIUM] CWE-352 CVE-2024-46911: Cross-site Resource Forgery (CSRF), Privilege escalation vulnerability in Apache Roller. On multi-bl Cross-site Resource Forgery (CSRF), Privilege escalation vulnerability in Apache Roller. On multi-blog/user Roller websites, by default weblog owners are trusted to publish arbitrary weblog content and this combined with a deficiency in Roller's CSRF protections allowed an escalation of privileges attack. This issue affects Apache Roller before 6.1.

CVE-2024-25090 [MEDIUM] CWE-20 CVE-2024-25090: Insufficient input validation and sanitation in Profile name & screenname, Bookmark name & descripti Insufficient input validation and sanitation in Profile name & screenname, Bookmark name & description and blogroll name features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted users, then you need to do nothing because you trust y

CVE-2023-37581 [MEDIUM] CWE-79 CVE-2023-37581: Insufficient input validation and sanitation in Weblog Category name, Website About and File Upload Insufficient input validation and sanitation in Weblog Category name, Website About and File Upload features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted users, then you need to do nothing because you trust your users to author ra

CVE-2021-33580 [HIGH] CWE-400 CVE-2021-33580: User controlled `request.getHeader("Referer")`, `request.getRequestURL()` and `request.getQueryStrin User controlled `request.getHeader("Referer")`, `request.getRequestURL()` and `request.getQueryString()` are used to build and run a regex expression. The attacker doesn't have to use a browser and may send a specially crafted Referer header programmatically. Since the attacker controls the string and the regex pattern he may cause a ReDoS by regex ca

CVE-2018-17198 [CRITICAL] CWE-918 CVE-2018-17198: Server-side Request Forgery (SSRF) and File Enumeration vulnerability in Apache Roller 5.2.1, 5.2.0 Server-side Request Forgery (SSRF) and File Enumeration vulnerability in Apache Roller 5.2.1, 5.2.0 and earlier unsupported versions relies on Java SAX Parser to implement its XML-RPC interface and by default that parser supports external entities in XML DOCTYPE, which opens Roller up to SSRF / File Enumeration vulnerability. Note that this vulnera