A carefully crafted request on several JSPWiki plugins could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.12.0 or later.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: apache
Published: 2023-05-25T06:58:18.912Z
Updated: 2024-08-03T14:47:27.792Z
Reserved: 2022-12-10T15:13:04.776Z
Link: CVE-2022-46907
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-05-25T07:15:08.620
Modified: 2023-06-01T01:29:13.787
Link: CVE-2022-46907
Redhat
No data.