Apache.JSPWiki.AJAXPreview.jsp.Reflected.XSS
Description
This indicates an attack attempt to exploit a Cross-Site Scripting Vulnerability in Apache Software Foundation JSPWiki.
This vulnerability is due to improper input validation for the AJAXPreview.jsp endpoint. A remote, unauthenticated attacker could exploit this vulnerability by enticing the victim to use a crafted link. Successfully exploiting this vulnerability could result in arbitrary code execution in the context of the victim's browser.
Affected Products
Apache Software Foundation JSPWiki prior to 2.11.3
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2022-28730
Version Updates
Date | Version | Detail |
---|---|---|
2022-10-19 | 0.00331 |