Severity: Medium Vendor: The Apache Software Foundation
Versions Affected: Apache JSPWiki up to 2.10.5 Description: A carefully crafted URL could trigger an XSS vulnerability on Apache JSPWiki, which could lead to session hijacking. Mitigation: Apache JSPWiki users should upgrade to 2.11.0.M1 or later. Credit: This issue was discovered by Jamie Parfet.