CVE-2022-27166

Published: Aug 4, 2022

Modified: Aug 3, 2024

PUBLISHED

Description

A carefully crafted request on XHRHtml2Markup.jsp could trigger an XSS vulnerability on Apache JSPWiki up to and including 2.11.2, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim.

Vendor	Product	Versions
Apache Software Foundation	Apache JSPWiki	affected `Apache JSPWiki - <= Apache JSPWiki up to 2.11.2`

References

https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2022-28732

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2022-27166

Description

Affected Products

References