CVEs-PoC/2019/CVE-2019-10078.md at 2ef066380cb36dba2e454190ca2349fcff6ca2df

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-24 15:54:10 +02:00

Files

T

0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09

2025-09-29 21:09:30 +02:00

Description

A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. Initial reporting indicated ReferredPagesPlugin, but further analysis showed that multiple plugins were vulnerable.

POC

Reference

No PoCs from references.

Github

https://github.com/PuddinCat/GithubRepoSpider
https://github.com/shoucheng3/apache__jspwiki_CVE-2019-10078_2-11-0-M3
https://github.com/shoucheng3/apache__jspwiki_CVE-2019-10078_2_11_0_M4_fixed

971 B Raw Blame History

CVE-2019-10078

Description

POC

Reference

Github

971 B

Raw Blame History