pkg:Maven/org.apache.jspwiki:jspwiki-main

All known vulnerabilities

• CRITICAL9.1CVE-2021-44140Incorrect Default Permissions in Apache JSPWiki
  from 0, < 2.11.0
• HIGH8.8CVE-2022-34158Apache JSPWiki CSRF due to crafted invocation on the Image plugin
  from 0, < 2.11.3
• HIGH8.8CVE-2022-24947Cross Site Request Forgery in Apache JSPWiki
  from 0, < 2.11.2
• MEDIUM6.5CVE-2022-28731Apache JSPWiki CSRF due to crafted request on UserPreferences.jsp
  from 0, < 2.11.3
• MEDIUM6.3CVE-2024-27136Cross site scripting in Apache JSPWiki
  from 0, < 2.12.2
• MEDIUM6.1CVE-2022-46907Apache JSPWiki vulnerable to cross-site scripting on several plugins
  from 0, < 2.12.0
• MEDIUM6.1CVE-2022-27166Apache JSPWiki XSS due to crafted request on XHRHtml2Markup.jsp
  from 0, < 2.11.3
• MEDIUM6.1CVE-2022-28730Apache JSPWiki XSS due to incomplete patch for CVE-2021-40369
  from 0, < 2.11.3
• MEDIUM6.1CVE-2022-28732Apache JSPWiki XSS due to crafted request in WeblogPlugin
  from 0, < 2.11.3
• MEDIUM6.1CVE-2019-12407Cross-site Scripting in Apache JSPWiki
  from 0, < 2.11.0.M5
• MEDIUM6.1CVE-2022-24948Cross-site Scripting in Apache JSPWiki
  from 0, < 2.11.2
• MEDIUM6.1CVE-2021-40369Apache JSPWiki Cross-site Scripting due to carefully crafted plugin link invocation
  from 0, < 2.11.0
• MEDIUM6.1CVE-2019-10078Cross-site Scriptin in JSPWiki
  >= 2.9.0, < 2.11.0.M4
• MEDIUM6.1CVE-2019-10077Cross-site Scripting in JSPWiki
  >= 2.9.0, < 2.11.0.M4
• MEDIUM6.1CVE-2019-10076Cross-Site Scripting in JSPWiki
  >= 2.9.0, < 2.11.0.M4
• MEDIUM6.1CVE-2019-0224Moderate severity vulnerability that affects org.apache.jspwiki:jspwiki-main
  >= 2.9.0, < 2.11.0.M3
• —CVE-2025-24854Apache JSPWiki Cross-Site Scripting (XSS) Vulnerability in the Image Plugin
  from 0, < 2.12.3
• —CVE-2025-24853Apache JSPWiki Cross-Site Scripting (XSS) Vulnerability via Header Link Rendering
  from 0, < 2.12.3