jspwiki-main is vulnerable to cross-site scripting (XSS). The vulnerability exists because it does not properly escape HTML entities in JSPWiki WYSIWYG editor, allowing an attacker to inject malicious script through it.
CPE | Name | Operator | Version |
---|---|---|---|
apache jspwiki main jar | le | 2.11.0.M4 |