Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:maven/org.apache.jspwiki/jspwiki-war@2.10.4
Typemaven
Namespaceorg.apache.jspwiki
Namejspwiki-war
Version2.10.4
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version2.12.0
Latest_non_vulnerable_version2.12.0
Affected_by_vulnerabilities
0
url VCID-5chf-z411-uygk
vulnerability_id VCID-5chf-z411-uygk
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12404
reference_id
reference_type
scores
0
value 0.04421
scoring_system epss
scoring_elements 0.89201
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12404
1
reference_url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-12404
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-12404
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12404
reference_id CVE-2019-12404
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12404
3
reference_url https://github.com/advisories/GHSA-7qmg-qg53-mrp8
reference_id GHSA-7qmg-qg53-mrp8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-7qmg-qg53-mrp8
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M5
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5r9e-y7dr-mqd7
1
vulnerability VCID-84qw-2dwv-mba7
2
vulnerability VCID-8m4d-3t48-8kex
3
vulnerability VCID-e1c2-enxb-ubh5
4
vulnerability VCID-fwb2-d76t-47dh
5
vulnerability VCID-p2c4-2xqh-d7b2
6
vulnerability VCID-q546-dm9k-9fdq
7
vulnerability VCID-s2x4-8adg-87g9
8
vulnerability VCID-spes-x1tu-gfef
9
vulnerability VCID-yss9-abks-xbgz
10
vulnerability VCID-z47r-8zww-u7d1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M5
aliases CVE-2019-12404, GHSA-7qmg-qg53-mrp8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5chf-z411-uygk
1
url VCID-5mgc-56s5-kkhz
vulnerability_id VCID-5mgc-56s5-kkhz
summary 
Cross-site Scripting
A carefully crafted URL could trigger an XSS vulnerability on Apache JSPWiki which could lead to session hijacking.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20242
reference_id
reference_type
scores
0
value 0.01321
scoring_system epss
scoring_elements 0.80193
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20242
1
reference_url https://lists.apache.org/thread.html/8ee4644432c0a433c5c514a57d940cf6dcb0a0094acd97b36290f0b4@%3Cuser.jspwiki.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/8ee4644432c0a433c5c514a57d940cf6dcb0a0094acd97b36290f0b4@%3Cuser.jspwiki.apache.org%3E
2
reference_url https://lists.apache.org/thread.html/aac253cfc33c0429b528e2fcbe82d3a42d742083c528f58d192dfd16@%3Ccommits.jspwiki.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/aac253cfc33c0429b528e2fcbe82d3a42d742083c528f58d192dfd16@%3Ccommits.jspwiki.apache.org%3E
3
reference_url https://lists.apache.org/thread.html/e42d6e93384d4a33e939989cd00ea2a06ccf1e7bb1e6bdd3bf5187c1@%3Ccommits.jspwiki.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/e42d6e93384d4a33e939989cd00ea2a06ccf1e7bb1e6bdd3bf5187c1@%3Ccommits.jspwiki.apache.org%3E
4
reference_url http://www.securityfocus.com/bid/106804
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/106804
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-20242
reference_id CVE-2018-20242
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-20242
6
reference_url https://github.com/advisories/GHSA-5q75-cxcq-wr26
reference_id GHSA-5q75-cxcq-wr26
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-5q75-cxcq-wr26
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M1
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5chf-z411-uygk
1
vulnerability VCID-5r9e-y7dr-mqd7
2
vulnerability VCID-84qw-2dwv-mba7
3
vulnerability VCID-8m4d-3t48-8kex
4
vulnerability VCID-8p77-dmhf-6kbf
5
vulnerability VCID-9wyb-y38j-wkeu
6
vulnerability VCID-e1c2-enxb-ubh5
7
vulnerability VCID-fwb2-d76t-47dh
8
vulnerability VCID-hpr3-f4s8-43ae
9
vulnerability VCID-jwtu-3v1h-3be1
10
vulnerability VCID-p2c4-2xqh-d7b2
11
vulnerability VCID-p84k-d4tc-3fhv
12
vulnerability VCID-pq48-q59y-bfhd
13
vulnerability VCID-pq7h-qrb3-xqb8
14
vulnerability VCID-q546-dm9k-9fdq
15
vulnerability VCID-s2x4-8adg-87g9
16
vulnerability VCID-spes-x1tu-gfef
17
vulnerability VCID-wbfe-sm9a-vkh2
18
vulnerability VCID-yss9-abks-xbgz
19
vulnerability VCID-z47r-8zww-u7d1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M1
aliases CVE-2018-20242, GHSA-5q75-cxcq-wr26
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5mgc-56s5-kkhz
2
url VCID-5r9e-y7dr-mqd7
vulnerability_id VCID-5r9e-y7dr-mqd7
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-28730
reference_id
reference_type
scores
0
value 0.11342
scoring_system epss
scoring_elements 0.93667
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-28730
1
reference_url https://github.com/apache/jspwiki
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/jspwiki
2
reference_url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2022-28732
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2022-28732
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-28730
reference_id CVE-2022-28730
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-28730
4
reference_url https://github.com/advisories/GHSA-ggjq-8c4c-68r5
reference_id GHSA-ggjq-8c4c-68r5
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-ggjq-8c4c-68r5
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.3
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8m4d-3t48-8kex
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.3
aliases CVE-2022-28730, GHSA-ggjq-8c4c-68r5
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5r9e-y7dr-mqd7
3
url VCID-84qw-2dwv-mba7
vulnerability_id VCID-84qw-2dwv-mba7
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-28732
reference_id
reference_type
scores
0
value 0.08595
scoring_system epss
scoring_elements 0.92547
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-28732
1
reference_url https://github.com/apache/jspwiki
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/jspwiki
2
reference_url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2022-28732
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2022-28732
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-28732
reference_id CVE-2022-28732
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-28732
4
reference_url https://github.com/advisories/GHSA-hph8-29xw-qfxx
reference_id GHSA-hph8-29xw-qfxx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hph8-29xw-qfxx
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.3
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8m4d-3t48-8kex
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.3
aliases CVE-2022-28732, GHSA-hph8-29xw-qfxx
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-84qw-2dwv-mba7
4
url VCID-8m4d-3t48-8kex
vulnerability_id VCID-8m4d-3t48-8kex
summary 
Apache JSPWiki vulnerable to cross-site scripting on several plugins
A carefully crafted request on several JSPWiki plugins could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.12.0 or later.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-46907
reference_id
reference_type
scores
0
value 0.03923
scoring_system epss
scoring_elements 0.88508
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-46907
1
reference_url https://github.com/apache/jspwiki
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/jspwiki
2
reference_url https://github.com/apache/jspwiki/blob/37bf55373ed5a739a388a720163cf51d1104537f/ChangeLog.md?plain=1#L112
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/jspwiki/blob/37bf55373ed5a739a388a720163cf51d1104537f/ChangeLog.md?plain=1#L112
3
reference_url https://github.com/apache/jspwiki/commit/0b9a0149032170063f22d65e335dfd317db815ea
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/jspwiki/commit/0b9a0149032170063f22d65e335dfd317db815ea
4
reference_url https://github.com/apache/jspwiki/commit/46e1ef7a595ca5cabf5ef184139910413f2024fc
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/jspwiki/commit/46e1ef7a595ca5cabf5ef184139910413f2024fc
5
reference_url https://github.com/apache/jspwiki/commit/484c6a133e397693991b7c9a9b62ef3ca48ce707
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/jspwiki/commit/484c6a133e397693991b7c9a9b62ef3ca48ce707
6
reference_url https://github.com/apache/jspwiki/commit/75019d337f1d0033b1f65428e75f43baeffd99dd
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/jspwiki/commit/75019d337f1d0033b1f65428e75f43baeffd99dd
7
reference_url https://github.com/apache/jspwiki/commit/82be08904a6d8bd22fa2d4e5a7e85f43408724d3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/jspwiki/commit/82be08904a6d8bd22fa2d4e5a7e85f43408724d3
8
reference_url https://github.com/apache/jspwiki/commit/9d6dbf911d52d724297e4e46c4b80649fb028ff9
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/jspwiki/commit/9d6dbf911d52d724297e4e46c4b80649fb028ff9
9
reference_url https://github.com/apache/jspwiki/commit/df20770f251a8d7431047e556b144ef24ee6a3a7
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/jspwiki/commit/df20770f251a8d7431047e556b144ef24ee6a3a7
10
reference_url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2022-46907
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2022-46907
11
reference_url https://lists.apache.org/thread/1m0mkq2nttx8tn94m11mytn4f0tv1504
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T19:56:09Z/
url https://lists.apache.org/thread/1m0mkq2nttx8tn94m11mytn4f0tv1504
12
reference_url http://www.openwall.com/lists/oss-security/2023/05/25/1
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T19:56:09Z/
url http://www.openwall.com/lists/oss-security/2023/05/25/1
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-46907
reference_id CVE-2022-46907
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-46907
14
reference_url https://github.com/advisories/GHSA-qvq8-cw7f-m7m4
reference_id GHSA-qvq8-cw7f-m7m4
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qvq8-cw7f-m7m4
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.12.0
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.12.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.12.0
aliases CVE-2022-46907, GHSA-qvq8-cw7f-m7m4
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8m4d-3t48-8kex
5
url VCID-8p77-dmhf-6kbf
vulnerability_id VCID-8p77-dmhf-6kbf
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10087
reference_id
reference_type
scores
0
value 0.04421
scoring_system epss
scoring_elements 0.89201
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10087
1
reference_url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-10087
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-10087
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10087
reference_id CVE-2019-10087
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10087
3
reference_url https://github.com/advisories/GHSA-gwfq-qwmp-x9xg
reference_id GHSA-gwfq-qwmp-x9xg
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-gwfq-qwmp-x9xg
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M5
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5r9e-y7dr-mqd7
1
vulnerability VCID-84qw-2dwv-mba7
2
vulnerability VCID-8m4d-3t48-8kex
3
vulnerability VCID-e1c2-enxb-ubh5
4
vulnerability VCID-fwb2-d76t-47dh
5
vulnerability VCID-p2c4-2xqh-d7b2
6
vulnerability VCID-q546-dm9k-9fdq
7
vulnerability VCID-s2x4-8adg-87g9
8
vulnerability VCID-spes-x1tu-gfef
9
vulnerability VCID-yss9-abks-xbgz
10
vulnerability VCID-z47r-8zww-u7d1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M5
aliases CVE-2019-10087, GHSA-gwfq-qwmp-x9xg
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8p77-dmhf-6kbf
6
url VCID-9wyb-y38j-wkeu
vulnerability_id VCID-9wyb-y38j-wkeu
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10089
reference_id
reference_type
scores
0
value 0.04374
scoring_system epss
scoring_elements 0.89142
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10089
1
reference_url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-10089
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-10089
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10089
reference_id CVE-2019-10089
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10089
3
reference_url https://github.com/advisories/GHSA-3rx2-x6mx-grj3
reference_id GHSA-3rx2-x6mx-grj3
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3rx2-x6mx-grj3
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M5
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5r9e-y7dr-mqd7
1
vulnerability VCID-84qw-2dwv-mba7
2
vulnerability VCID-8m4d-3t48-8kex
3
vulnerability VCID-e1c2-enxb-ubh5
4
vulnerability VCID-fwb2-d76t-47dh
5
vulnerability VCID-p2c4-2xqh-d7b2
6
vulnerability VCID-q546-dm9k-9fdq
7
vulnerability VCID-s2x4-8adg-87g9
8
vulnerability VCID-spes-x1tu-gfef
9
vulnerability VCID-yss9-abks-xbgz
10
vulnerability VCID-z47r-8zww-u7d1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M5
aliases CVE-2019-10089, GHSA-3rx2-x6mx-grj3
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9wyb-y38j-wkeu
7
url VCID-e1c2-enxb-ubh5
vulnerability_id VCID-e1c2-enxb-ubh5
summary 
Cross-Site Request Forgery (CSRF)
Apache JSPWiki user preferences form is vulnerable to CSRF attacks, which can lead to account takeover. Apache JSPWiki users should upgrade to 2.11.2 or later.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24947
reference_id
reference_type
scores
0
value 0.01846
scoring_system epss
scoring_elements 0.83299
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24947
1
reference_url https://lists.apache.org/thread/txrgykjkpt80t57kzpbjo8kfrv8ss02c
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/txrgykjkpt80t57kzpbjo8kfrv8ss02c
2
reference_url http://www.openwall.com/lists/oss-security/2022/02/25/1
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/02/25/1
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-24947
reference_id CVE-2022-24947
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-24947
4
reference_url https://github.com/advisories/GHSA-4284-x26r-4hhc
reference_id GHSA-4284-x26r-4hhc
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4284-x26r-4hhc
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.2
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5r9e-y7dr-mqd7
1
vulnerability VCID-84qw-2dwv-mba7
2
vulnerability VCID-8m4d-3t48-8kex
3
vulnerability VCID-s2x4-8adg-87g9
4
vulnerability VCID-spes-x1tu-gfef
5
vulnerability VCID-yss9-abks-xbgz
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.2
aliases CVE-2022-24947, GHSA-4284-x26r-4hhc
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e1c2-enxb-ubh5
8
url VCID-fwb2-d76t-47dh
vulnerability_id VCID-fwb2-d76t-47dh
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
A carefully crafted user preferences for submission could trigger an XSS vulnerability on Apache JSPWiki, related to the user preferences screen, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.11.2 or later.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-24948
reference_id
reference_type
scores
0
value 0.04453
scoring_system epss
scoring_elements 0.89241
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-24948
1
reference_url https://lists.apache.org/thread/86p0yzopc4mw2h5bkwpt927b2c8tfq3b
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/86p0yzopc4mw2h5bkwpt927b2c8tfq3b
2
reference_url http://www.openwall.com/lists/oss-security/2022/02/25/2
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/02/25/2
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-24948
reference_id CVE-2022-24948
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-24948
4
reference_url https://github.com/advisories/GHSA-9953-fmrw-v4vm
reference_id GHSA-9953-fmrw-v4vm
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9953-fmrw-v4vm
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.2
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5r9e-y7dr-mqd7
1
vulnerability VCID-84qw-2dwv-mba7
2
vulnerability VCID-8m4d-3t48-8kex
3
vulnerability VCID-s2x4-8adg-87g9
4
vulnerability VCID-spes-x1tu-gfef
5
vulnerability VCID-yss9-abks-xbgz
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.2
aliases CVE-2022-24948, GHSA-9953-fmrw-v4vm
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fwb2-d76t-47dh
9
url VCID-hpr3-f4s8-43ae
vulnerability_id VCID-hpr3-f4s8-43ae
summary 
Cross-site Scripting
In Apache JSPWiki, a carefully crafted URL could execute javascript on another user's session. No information could be saved on the server or jspwiki database, nor would an attacker be able to execute js on someone else's browser; only on its own browser.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-0224
reference_id
reference_type
scores
0
value 0.02408
scoring_system epss
scoring_elements 0.85348
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-0224
1
reference_url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-0224
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-0224
2
reference_url https://lists.apache.org/thread.html/aac253cfc33c0429b528e2fcbe82d3a42d742083c528f58d192dfd16@%3Ccommits.jspwiki.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/aac253cfc33c0429b528e2fcbe82d3a42d742083c528f58d192dfd16@%3Ccommits.jspwiki.apache.org%3E
3
reference_url https://lists.apache.org/thread.html/b4b4992a93d899050c1117a07c3c7fc9a175ec0672ab97065228de67@%3Cdev.jspwiki.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/b4b4992a93d899050c1117a07c3c7fc9a175ec0672ab97065228de67@%3Cdev.jspwiki.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/e42d6e93384d4a33e939989cd00ea2a06ccf1e7bb1e6bdd3bf5187c1@%3Ccommits.jspwiki.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/e42d6e93384d4a33e939989cd00ea2a06ccf1e7bb1e6bdd3bf5187c1@%3Ccommits.jspwiki.apache.org%3E
5
reference_url http://www.securityfocus.com/bid/107631
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/107631
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-0224
reference_id CVE-2019-0224
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-0224
7
reference_url https://github.com/advisories/GHSA-fmpq-w5q6-9vf9
reference_id GHSA-fmpq-w5q6-9vf9
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-fmpq-w5q6-9vf9
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M3
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5chf-z411-uygk
1
vulnerability VCID-5r9e-y7dr-mqd7
2
vulnerability VCID-84qw-2dwv-mba7
3
vulnerability VCID-8m4d-3t48-8kex
4
vulnerability VCID-8p77-dmhf-6kbf
5
vulnerability VCID-9wyb-y38j-wkeu
6
vulnerability VCID-e1c2-enxb-ubh5
7
vulnerability VCID-fwb2-d76t-47dh
8
vulnerability VCID-jwtu-3v1h-3be1
9
vulnerability VCID-p2c4-2xqh-d7b2
10
vulnerability VCID-pq48-q59y-bfhd
11
vulnerability VCID-pq7h-qrb3-xqb8
12
vulnerability VCID-q546-dm9k-9fdq
13
vulnerability VCID-s2x4-8adg-87g9
14
vulnerability VCID-spes-x1tu-gfef
15
vulnerability VCID-wbfe-sm9a-vkh2
16
vulnerability VCID-yss9-abks-xbgz
17
vulnerability VCID-z47r-8zww-u7d1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M3
aliases CVE-2019-0224, GHSA-fmpq-w5q6-9vf9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hpr3-f4s8-43ae
10
url VCID-jwtu-3v1h-3be1
vulnerability_id VCID-jwtu-3v1h-3be1
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10090
reference_id
reference_type
scores
0
value 0.04374
scoring_system epss
scoring_elements 0.89142
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10090
1
reference_url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-10090
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-10090
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10090
reference_id CVE-2019-10090
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10090
3
reference_url https://github.com/advisories/GHSA-g6ww-2x43-h963
reference_id GHSA-g6ww-2x43-h963
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-g6ww-2x43-h963
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M5
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5r9e-y7dr-mqd7
1
vulnerability VCID-84qw-2dwv-mba7
2
vulnerability VCID-8m4d-3t48-8kex
3
vulnerability VCID-e1c2-enxb-ubh5
4
vulnerability VCID-fwb2-d76t-47dh
5
vulnerability VCID-p2c4-2xqh-d7b2
6
vulnerability VCID-q546-dm9k-9fdq
7
vulnerability VCID-s2x4-8adg-87g9
8
vulnerability VCID-spes-x1tu-gfef
9
vulnerability VCID-yss9-abks-xbgz
10
vulnerability VCID-z47r-8zww-u7d1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M5
aliases CVE-2019-10090, GHSA-g6ww-2x43-h963
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jwtu-3v1h-3be1
11
url VCID-p2c4-2xqh-d7b2
vulnerability_id VCID-p2c4-2xqh-d7b2
summary 
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the Denounce plugin, which could allow the attacker to execute javascript in the victim's browser and retrieve sensitive information about the victim.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-40369
reference_id
reference_type
scores
0
value 0.02915
scoring_system epss
scoring_elements 0.86628
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-40369
1
reference_url https://github.com/apache/jspwiki
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/jspwiki
2
reference_url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2021-40369
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2021-40369
3
reference_url https://lists.apache.org/thread/r2j00nrnpjgcmoxvlv3pgfoq9kzrcsfh
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/r2j00nrnpjgcmoxvlv3pgfoq9kzrcsfh
4
reference_url http://www.openwall.com/lists/oss-security/2022/08/03/3
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2022/08/03/3
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-40369
reference_id CVE-2021-40369
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-40369
6
reference_url https://github.com/advisories/GHSA-cfqj-9g2g-w7q6
reference_id GHSA-cfqj-9g2g-w7q6
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cfqj-9g2g-w7q6
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5r9e-y7dr-mqd7
1
vulnerability VCID-84qw-2dwv-mba7
2
vulnerability VCID-8m4d-3t48-8kex
3
vulnerability VCID-e1c2-enxb-ubh5
4
vulnerability VCID-fwb2-d76t-47dh
5
vulnerability VCID-s2x4-8adg-87g9
6
vulnerability VCID-spes-x1tu-gfef
7
vulnerability VCID-yss9-abks-xbgz
8
vulnerability VCID-z47r-8zww-u7d1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0
aliases CVE-2021-40369, GHSA-cfqj-9g2g-w7q6
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p2c4-2xqh-d7b2
12
url VCID-p84k-d4tc-3fhv
vulnerability_id VCID-p84k-d4tc-3fhv
summary 
Path Traversal
A specially crafted url could be used to access files under the ROOT directory of the application on Apache JSPWiki which could be used by an attacker to obtain registered users' details.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-0225
reference_id
reference_type
scores
0
value 0.03398
scoring_system epss
scoring_elements 0.87617
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-0225
1
reference_url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-0225
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-0225
2
reference_url https://lists.apache.org/thread.html/03ddbcb1d6322e04734e65805a147a32bcfdb71b8fc5821fb046ba8d@%3Cannounce.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/03ddbcb1d6322e04734e65805a147a32bcfdb71b8fc5821fb046ba8d@%3Cannounce.apache.org%3E
3
reference_url https://lists.apache.org/thread.html/4f19fdbd8b9c4caf6137a459d723f4ec60379b033ed69277eb4e0af9@%3Cuser.jspwiki.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/4f19fdbd8b9c4caf6137a459d723f4ec60379b033ed69277eb4e0af9@%3Cuser.jspwiki.apache.org%3E
4
reference_url https://lists.apache.org/thread.html/6251c06cb11e0b495066be73856592dbd7ed712487ef283d10972831@%3Cdev.jspwiki.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/6251c06cb11e0b495066be73856592dbd7ed712487ef283d10972831@%3Cdev.jspwiki.apache.org%3E
5
reference_url https://lists.apache.org/thread.html/aac253cfc33c0429b528e2fcbe82d3a42d742083c528f58d192dfd16@%3Ccommits.jspwiki.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/aac253cfc33c0429b528e2fcbe82d3a42d742083c528f58d192dfd16@%3Ccommits.jspwiki.apache.org%3E
6
reference_url https://lists.apache.org/thread.html/e42d6e93384d4a33e939989cd00ea2a06ccf1e7bb1e6bdd3bf5187c1@%3Ccommits.jspwiki.apache.org%3E
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/e42d6e93384d4a33e939989cd00ea2a06ccf1e7bb1e6bdd3bf5187c1@%3Ccommits.jspwiki.apache.org%3E
7
reference_url http://www.openwall.com/lists/oss-security/2019/03/26/2
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/03/26/2
8
reference_url http://www.securityfocus.com/bid/107627
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/107627
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-0225
reference_id CVE-2019-0225
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-0225
10
reference_url https://github.com/advisories/GHSA-pffw-p2q5-w6vh
reference_id GHSA-pffw-p2q5-w6vh
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/advisories/GHSA-pffw-p2q5-w6vh
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M3
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5chf-z411-uygk
1
vulnerability VCID-5r9e-y7dr-mqd7
2
vulnerability VCID-84qw-2dwv-mba7
3
vulnerability VCID-8m4d-3t48-8kex
4
vulnerability VCID-8p77-dmhf-6kbf
5
vulnerability VCID-9wyb-y38j-wkeu
6
vulnerability VCID-e1c2-enxb-ubh5
7
vulnerability VCID-fwb2-d76t-47dh
8
vulnerability VCID-jwtu-3v1h-3be1
9
vulnerability VCID-p2c4-2xqh-d7b2
10
vulnerability VCID-pq48-q59y-bfhd
11
vulnerability VCID-pq7h-qrb3-xqb8
12
vulnerability VCID-q546-dm9k-9fdq
13
vulnerability VCID-s2x4-8adg-87g9
14
vulnerability VCID-spes-x1tu-gfef
15
vulnerability VCID-wbfe-sm9a-vkh2
16
vulnerability VCID-yss9-abks-xbgz
17
vulnerability VCID-z47r-8zww-u7d1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M3
aliases CVE-2019-0225, GHSA-pffw-p2q5-w6vh
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p84k-d4tc-3fhv
13
url VCID-pq48-q59y-bfhd
vulnerability_id VCID-pq48-q59y-bfhd
summary 
Cross-site Scripting
A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki which could lead to session hijacking. Initial reporting indicated `ReferredPagesPlugin`, but further analysis showed that multiple plugins were vulnerable.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10078
reference_id
reference_type
scores
0
value 0.0305
scoring_system epss
scoring_elements 0.86924
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10078
1
reference_url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-10078
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-10078
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10078
reference_id CVE-2019-10078
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10078
3
reference_url https://github.com/advisories/GHSA-hp5r-mhgp-56c9
reference_id GHSA-hp5r-mhgp-56c9
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hp5r-mhgp-56c9
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M4
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5chf-z411-uygk
1
vulnerability VCID-5r9e-y7dr-mqd7
2
vulnerability VCID-84qw-2dwv-mba7
3
vulnerability VCID-8m4d-3t48-8kex
4
vulnerability VCID-8p77-dmhf-6kbf
5
vulnerability VCID-9wyb-y38j-wkeu
6
vulnerability VCID-e1c2-enxb-ubh5
7
vulnerability VCID-fwb2-d76t-47dh
8
vulnerability VCID-jwtu-3v1h-3be1
9
vulnerability VCID-p2c4-2xqh-d7b2
10
vulnerability VCID-pq7h-qrb3-xqb8
11
vulnerability VCID-q546-dm9k-9fdq
12
vulnerability VCID-s2x4-8adg-87g9
13
vulnerability VCID-spes-x1tu-gfef
14
vulnerability VCID-yss9-abks-xbgz
15
vulnerability VCID-z47r-8zww-u7d1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M4
aliases CVE-2019-10078, GHSA-hp5r-mhgp-56c9
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pq48-q59y-bfhd
14
url VCID-pq7h-qrb3-xqb8
vulnerability_id VCID-pq7h-qrb3-xqb8
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12407
reference_id
reference_type
scores
0
value 0.04421
scoring_system epss
scoring_elements 0.89201
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12407
1
reference_url https://github.com/apache/jspwiki
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/jspwiki
2
reference_url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-12407
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-12407
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-12407
reference_id CVE-2019-12407
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-12407
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M5
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5r9e-y7dr-mqd7
1
vulnerability VCID-84qw-2dwv-mba7
2
vulnerability VCID-8m4d-3t48-8kex
3
vulnerability VCID-e1c2-enxb-ubh5
4
vulnerability VCID-fwb2-d76t-47dh
5
vulnerability VCID-p2c4-2xqh-d7b2
6
vulnerability VCID-q546-dm9k-9fdq
7
vulnerability VCID-s2x4-8adg-87g9
8
vulnerability VCID-spes-x1tu-gfef
9
vulnerability VCID-yss9-abks-xbgz
10
vulnerability VCID-z47r-8zww-u7d1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M5
aliases CVE-2019-12407, GHSA-p2r4-rpj8-m2p9
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pq7h-qrb3-xqb8
15
url VCID-q546-dm9k-9fdq
vulnerability_id VCID-q546-dm9k-9fdq
summary 
Incorrect Default Permissions
Remote attackers may delete arbitrary files in a system hosting a JSPWiki instance by using a carefuly crafted http request on logout, given that those files are reachable to the user running the JSPWiki instance.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-44140
reference_id
reference_type
scores
0
value 0.05872
scoring_system epss
scoring_elements 0.90712
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-44140
1
reference_url https://github.com/apache/jspwiki
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/apache/jspwiki
2
reference_url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2021-44140
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2021-44140
3
reference_url https://lists.apache.org/thread/5qglpjdhvobppx7j550lf1sk28f6011t
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread/5qglpjdhvobppx7j550lf1sk28f6011t
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-44140
reference_id CVE-2021-44140
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-44140
5
reference_url https://github.com/advisories/GHSA-8gw6-w5rw-4g5c
reference_id GHSA-8gw6-w5rw-4g5c
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8gw6-w5rw-4g5c
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5r9e-y7dr-mqd7
1
vulnerability VCID-84qw-2dwv-mba7
2
vulnerability VCID-8m4d-3t48-8kex
3
vulnerability VCID-e1c2-enxb-ubh5
4
vulnerability VCID-fwb2-d76t-47dh
5
vulnerability VCID-s2x4-8adg-87g9
6
vulnerability VCID-spes-x1tu-gfef
7
vulnerability VCID-yss9-abks-xbgz
8
vulnerability VCID-z47r-8zww-u7d1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0
aliases CVE-2021-44140, GHSA-8gw6-w5rw-4g5c
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q546-dm9k-9fdq
16
url VCID-s2x4-8adg-87g9
vulnerability_id VCID-s2x4-8adg-87g9
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-27166
reference_id
reference_type
scores
0
value 0.17527
scoring_system epss
scoring_elements 0.95197
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-27166
1
reference_url https://github.com/apache/jspwiki
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/jspwiki
2
reference_url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2022-28732
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2022-28732
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-27166
reference_id CVE-2022-27166
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-27166
4
reference_url https://github.com/advisories/GHSA-2fxf-qj94-3f83
reference_id GHSA-2fxf-qj94-3f83
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-2fxf-qj94-3f83
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.3
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8m4d-3t48-8kex
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.3
aliases CVE-2022-27166, GHSA-2fxf-qj94-3f83
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s2x4-8adg-87g9
17
url VCID-spes-x1tu-gfef
vulnerability_id VCID-spes-x1tu-gfef
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-34158
reference_id
reference_type
scores
0
value 0.01087
scoring_system epss
scoring_elements 0.78216
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-34158
1
reference_url https://github.com/apache/jspwiki
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/apache/jspwiki
2
reference_url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2022-34158
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2022-34158
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-34158
reference_id CVE-2022-34158
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-34158
4
reference_url https://github.com/advisories/GHSA-jp3m-p26h-mm7v
reference_id GHSA-jp3m-p26h-mm7v
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jp3m-p26h-mm7v
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.3
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8m4d-3t48-8kex
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.3
aliases CVE-2022-34158, GHSA-jp3m-p26h-mm7v
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-spes-x1tu-gfef
18
url VCID-wbfe-sm9a-vkh2
vulnerability_id VCID-wbfe-sm9a-vkh2
summary 
Cross-site Scripting
A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki, which could lead to session hijacking.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10077
reference_id
reference_type
scores
0
value 0.03016
scoring_system epss
scoring_elements 0.86841
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10077
1
reference_url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-10077
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-10077
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10077
reference_id CVE-2019-10077
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10077
3
reference_url https://github.com/advisories/GHSA-cj6j-32rg-45r2
reference_id GHSA-cj6j-32rg-45r2
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cj6j-32rg-45r2
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M4
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5chf-z411-uygk
1
vulnerability VCID-5r9e-y7dr-mqd7
2
vulnerability VCID-84qw-2dwv-mba7
3
vulnerability VCID-8m4d-3t48-8kex
4
vulnerability VCID-8p77-dmhf-6kbf
5
vulnerability VCID-9wyb-y38j-wkeu
6
vulnerability VCID-e1c2-enxb-ubh5
7
vulnerability VCID-fwb2-d76t-47dh
8
vulnerability VCID-jwtu-3v1h-3be1
9
vulnerability VCID-p2c4-2xqh-d7b2
10
vulnerability VCID-pq7h-qrb3-xqb8
11
vulnerability VCID-q546-dm9k-9fdq
12
vulnerability VCID-s2x4-8adg-87g9
13
vulnerability VCID-spes-x1tu-gfef
14
vulnerability VCID-yss9-abks-xbgz
15
vulnerability VCID-z47r-8zww-u7d1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M4
aliases CVE-2019-10077, GHSA-cj6j-32rg-45r2
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wbfe-sm9a-vkh2
19
url VCID-yss9-abks-xbgz
vulnerability_id VCID-yss9-abks-xbgz
summary
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-28731
reference_id
reference_type
scores
0
value 0.15456
scoring_system epss
scoring_elements 0.94772
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-28731
1
reference_url https://github.com/apache/jspwiki
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/apache/jspwiki
2
reference_url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2022-28732
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2022-28732
3
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-28731
reference_id CVE-2022-28731
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-28731
4
reference_url https://github.com/advisories/GHSA-9x9j-vrhj-v364
reference_id GHSA-9x9j-vrhj-v364
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9x9j-vrhj-v364
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.3
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-8m4d-3t48-8kex
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.3
aliases CVE-2022-28731, GHSA-9x9j-vrhj-v364
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yss9-abks-xbgz
20
url VCID-z47r-8zww-u7d1
vulnerability_id VCID-z47r-8zww-u7d1
summary 
Cross-site Scripting
A carefully crafted malicious attachment could trigger an XSS vulnerability on Apache JSPWiki, which could lead to session hijacking.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10076
reference_id
reference_type
scores
0
value 0.03049
scoring_system epss
scoring_elements 0.86922
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10076
1
reference_url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-10076
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-10076
2
reference_url https://lists.apache.org/thread.html/aac253cfc33c0429b528e2fcbe82d3a42d742083c528f58d192dfd16@%3Ccommits.jspwiki.apache.org%3E
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://lists.apache.org/thread.html/aac253cfc33c0429b528e2fcbe82d3a42d742083c528f58d192dfd16@%3Ccommits.jspwiki.apache.org%3E
3
reference_url http://www.openwall.com/lists/oss-security/2019/05/19/4
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/05/19/4
4
reference_url http://www.securityfocus.com/bid/108437
reference_id
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/108437
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10076
reference_id CVE-2019-10076
reference_type
scores
0
value 6.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10076
6
reference_url https://github.com/advisories/GHSA-cxx2-fp39-rf3r
reference_id GHSA-cxx2-fp39-rf3r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cxx2-fp39-rf3r
fixed_packages
0
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M4
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5chf-z411-uygk
1
vulnerability VCID-5r9e-y7dr-mqd7
2
vulnerability VCID-84qw-2dwv-mba7
3
vulnerability VCID-8m4d-3t48-8kex
4
vulnerability VCID-8p77-dmhf-6kbf
5
vulnerability VCID-9wyb-y38j-wkeu
6
vulnerability VCID-e1c2-enxb-ubh5
7
vulnerability VCID-fwb2-d76t-47dh
8
vulnerability VCID-jwtu-3v1h-3be1
9
vulnerability VCID-p2c4-2xqh-d7b2
10
vulnerability VCID-pq7h-qrb3-xqb8
11
vulnerability VCID-q546-dm9k-9fdq
12
vulnerability VCID-s2x4-8adg-87g9
13
vulnerability VCID-spes-x1tu-gfef
14
vulnerability VCID-yss9-abks-xbgz
15
vulnerability VCID-z47r-8zww-u7d1
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.0.M4
1
url pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.1
purl pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-5r9e-y7dr-mqd7
1
vulnerability VCID-84qw-2dwv-mba7
2
vulnerability VCID-8m4d-3t48-8kex
3
vulnerability VCID-e1c2-enxb-ubh5
4
vulnerability VCID-fwb2-d76t-47dh
5
vulnerability VCID-s2x4-8adg-87g9
6
vulnerability VCID-spes-x1tu-gfef
7
vulnerability VCID-yss9-abks-xbgz
resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.11.1
aliases CVE-2019-10076, GHSA-cxx2-fp39-rf3r
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z47r-8zww-u7d1
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:maven/org.apache.jspwiki/jspwiki-war@2.10.4