Description
Multiple cross-site scripting (XSS) vulnerabilities in the Admin UI in Apache Solr before 5.1 allow remote attackers to inject arbitrary web script or HTML via crafted fields that are mishandled during the rendering of the (1) Analysis page, related to webapp/web/js/scripts/analysis.js or (2) Schema-Browser page, related to webapp/web/js/scripts/schema-browser.js.
Remediation
References
https://issues.apache.org/jira/browse/SOLR-7346
Related Vulnerabilities
CVE-2019-16564 Vulnerability in maven package com.paul8620.jenkins.plugins:pipeline-aggregator-view
CVE-2023-25767 Vulnerability in maven package org.jenkins-ci.plugins:azure-credentials
CVE-2022-46688 Vulnerability in maven package org.jenkins-ci.plugins:sonar-gerrit
CVE-2020-1695 Vulnerability in maven package org.jboss.resteasy:resteasy-core
CVE-2023-40337 Vulnerability in maven package org.jenkins-ci.plugins:cloudbees-folder