CVE-2019-0234 is a vulnerability in Apache Roller
Published on July 15, 2019

A Reflected Cross-site Scripting (XSS) vulnerability exists in Apache Roller. Roller's Math Comment Authenticator did not property sanitize user input and could be exploited to perform Reflected Cross Site Scripting (XSS). The mitigation for this vulnerability is to upgrade to the latest version of Roller, which is now Roller 5.2.3.

NVD

Products Associated with CVE-2019-0234

Want to know whenever a new CVE is published for Apache Roller? stack.watch will email you.

Apache Roller

Affected Versions

Apache Roller:

Version Roller 5.2 is affected.
Version 5.2.1 is affected.
Version 5.2.2. The unsupported pre-Roller 5.1 versions may also be affected. is affected.

Exploit Probability

EPSS

0.98%

Percentile

76.45%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-0234 is a vulnerability in Apache RollerPublished on July 15, 2019

Products Associated with CVE-2019-0234

Affected Versions

Exploit Probability

CVE-2019-0234 is a vulnerability in Apache Roller
Published on July 15, 2019