CVE-2019-10078 is a vulnerability in Apache JSPWiki
Published on May 20, 2019

A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. Initial reporting indicated ReferredPagesPlugin, but further analysis showed that multiple plugins were vulnerable.

NVD

Products Associated with CVE-2019-10078

Want to know whenever a new CVE is published for Apache JSPWiki? stack.watch will email you.

Apache JSPWiki

Affected Versions

Apache Software Foundation Apache JSPWiki Version Apache JSPWiki 2.9.0 to 2.11.0.M3 is affected by CVE-2019-10078

Exploit Probability

EPSS

3.23%

Percentile

86.88%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2019-10078 is a vulnerability in Apache JSPWikiPublished on May 20, 2019

Products Associated with CVE-2019-10078

Affected Versions

Exploit Probability

CVE-2019-10078 is a vulnerability in Apache JSPWiki
Published on May 20, 2019