Lucene search
HistoryAug 04, 2022 - 7:15 a.m.
CVE-2022-27166
xss
apache
jspwiki
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.002
Percentile
56.1%
A carefully crafted request on XHRHtml2Markup.jsp could trigger an XSS vulnerability on Apache JSPWiki up to and including 2.11.2, which could allow the attacker to execute javascript in the victim’s browser and get some sensitive information about the victim.
Affected configurations
Node
apachejspwikiRange<2.11.3
Related
github
github
Apache JSPWiki XSS due to crafted request on XHRHtml2Markup.jsp
2022-08-05 00:00:31
veracode
veracode
Cross-Site Scripting (XSS)
2022-08-05 08:35:07
prion
prion
Design/Logic Flaw
2022-08-04 07:15:00
cnvd
cnvd
Apache JSPWiki Cross-Site Scripting Vulnerability (CNVD-2022-83599)
2022-08-08 00:00:00
cvelist
cvelist
CVE-2022-27166 XSS vulnerability on XHRHtml2Markup.jsp in JSPWiki 2.11.2
2022-08-04 06:15:17
ubuntucve
ubuntucve
CVE-2022-27166
2022-08-04 00:00:00
cve
cve
CVE-2022-27166
2022-08-04 07:15:07
osv
osv
CVE-2022-27166
2022-08-04 07:15:07
Apache JSPWiki XSS due to crafted request on XHRHtml2Markup.jsp
2022-08-05 00:00:31
openvas
openvas
Apache JSPWiki < 2.11.3 Multiple Vulnerabilities
2022-08-05 00:00:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.002
Percentile
56.1%
Related for NVD:CVE-2022-27166