CRITICAL9.1CVE-2021-44140Incorrect Default Permissions in Apache JSPWiki from 0, < 2.11.0
HIGH8.8CVE-2022-34158Apache JSPWiki CSRF due to crafted invocation on the Image plugin from 0, < 2.11.3
from 0, < 2.11.2
MEDIUM6.5Apache JSPWiki CSRF due to crafted request on UserPreferences.jsp
from 0, < 2.11.3
MEDIUM6.3Cross site scripting in Apache JSPWiki
from 0, < 2.12.2
MEDIUM6.1Apache JSPWiki vulnerable to cross-site scripting on several plugins
from 0, < 2.12.0
MEDIUM6.1Apache JSPWiki XSS due to crafted request on XHRHtml2Markup.jsp
from 0, < 2.11.3
MEDIUM6.1Apache JSPWiki XSS due to incomplete patch for CVE-2021-40369
from 0, < 2.11.3
MEDIUM6.1Apache JSPWiki XSS due to crafted request in WeblogPlugin
from 0, < 2.11.3
MEDIUM6.1Cross-site Scripting in Apache JSPWiki
from 0, < 2.11.0.M5
MEDIUM6.1Cross-site Scripting in Apache JSPWiki
from 0, < 2.11.2
MEDIUM6.1Apache JSPWiki Cross-site Scripting due to carefully crafted plugin link invocation
from 0, < 2.11.0
MEDIUM6.1Cross-site Scriptin in JSPWiki
>= 2.9.0, < 2.11.0.M4
MEDIUM6.1Cross-site Scripting in JSPWiki
>= 2.9.0, < 2.11.0.M4
MEDIUM6.1Cross-Site Scripting in JSPWiki
>= 2.9.0, < 2.11.0.M4
MEDIUM6.1Moderate severity vulnerability that affects org.apache.jspwiki:jspwiki-main
>= 2.9.0, < 2.11.0.M3
—Apache JSPWiki Cross-Site Scripting (XSS) Vulnerability in the Image Plugin
from 0, < 2.12.3
—Apache JSPWiki Cross-Site Scripting (XSS) Vulnerability via Header Link Rendering
from 0, < 2.12.3