On 20/5/19 1:59 am, Juan Pablo Santos Rodríguez wrote:
Severity
Medium
Vendor
The Apache Software Foundation
Versions Affected
Apache JSPWiki up to 2.11.0.M3
Description
A carefully crafted plugin link invocation could trigger an XSS
vulnerability on Apache JSPWiki, which could lead to sessio
I ll deploy it on jspwiki-wiki.apache.org
cheers,
Harry
On Sun, 19 May 2019 at 17:51, Juan Pablo Santos Rodríguez <
juanpa...@apache.org> wrote:
> The Apache JSPWiki team is pleased to announce the release of JSPWiki
> 2.11.0.M4.
>
> This is the fourth release towards the 2.11 series of Apache
Severity
Medium
Vendor
The Apache Software Foundation
Versions Affected
Apache JSPWiki up to 2.11.0.M3
Description
A carefully crafted plugin link invocation could trigger an XSS
vulnerability on Apache JSPWiki, which could lead to session hijacking.
Initial reporting indicated ReferredPagesPlu
Severity
Medium
Vendor
The Apache Software Foundation
Versions Affected
Apache JSPWiki up to 2.11.0.M3
Description
A carefully crafted InterWiki link could trigger an XSS vulnerability on
Apache JSPWiki, which could lead to session hijacking.
Mitigation
Apache JSPWiki users should upgrade to 2.
Severity
Medium
Vendor
The Apache Software Foundation
Versions Affected
Apache JSPWiki up to 2.11.0.M3
Description
A carefully crafted malicious attachment could trigger an XSS vulnerability
on Apache JSPWiki, which could lead to session hijacking.
Mitigation
Apache JSPWiki users should upgrade
The Apache JSPWiki team is pleased to announce the release of JSPWiki
2.11.0.M4.
This is the fourth release towards the 2.11 series of Apache JSPWiki, a
feature-rich and
extensible WikiWiki engine built around the standard JEE components. M#
releases are as
production-ready as any other JSPWiki re