Lucene search
ApacheCVELIST:CVE-2022-27166HistoryAug 04, 2022 - 6:15 a.m.
CVE-2022-27166 XSS vulnerability on XHRHtml2Markup.jsp in JSPWiki 2.11.2
2022-08-0406:15:17
apache
www.cve.org
5
xss
xhrhtml2markup.jsp
jspwiki 2.11.2
apache jspwiki
execute javascript
A carefully crafted request on XHRHtml2Markup.jsp could trigger an XSS vulnerability on Apache JSPWiki up to and including 2.11.2, which could allow the attacker to execute javascript in the victim’s browser and get some sensitive information about the victim.
CNA Affected
[
{
"product": "Apache JSPWiki",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "Apache JSPWiki up to 2.11.2",
"status": "affected",
"version": "Apache JSPWiki",
"versionType": "custom"
}
]
}
]Related
github
github
Apache JSPWiki XSS due to crafted request on XHRHtml2Markup.jsp
2022-08-05 00:00:31
nvd
nvd
CVE-2022-27166
2022-08-04 07:15:07
veracode
veracode
Cross-Site Scripting (XSS)
2022-08-05 08:35:07
prion
prion
Design/Logic Flaw
2022-08-04 07:15:00
cnvd
cnvd
Apache JSPWiki Cross-Site Scripting Vulnerability (CNVD-2022-83599)
2022-08-08 00:00:00
ubuntucve
ubuntucve
CVE-2022-27166
2022-08-04 00:00:00
cve
cve
CVE-2022-27166
2022-08-04 07:15:07
osv
osv
CVE-2022-27166
2022-08-04 07:15:07
Apache JSPWiki XSS due to crafted request on XHRHtml2Markup.jsp
2022-08-05 00:00:31
openvas
openvas
Apache JSPWiki < 2.11.3 Multiple Vulnerabilities
2022-08-05 00:00:00