On Wed, Aug 3, 2022 at 10:46 PM Juan Pablo Santos Rodríguez
<juanpa...@apache.org> wrote:
>
> Severity: moderate
>
> Description:
>
> A carefully crafted request on WeblogPlugin could trigger an XSS 
> vulnerability on Apache JSPWiki, which could allow the attacker to execute 
> javascript in the victim's browser and get some sensitive information about 
> the victim.
>
> Mitigation:
>
> Apache JSPWiki users should upgrade to 2.11.3 or later.
>
> Credit:
>
> This issue was discovered by Wang Ran, from JDArmy, @jd.com
>
> References:
>
> https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2022-28732
>

Reply via email to