Description
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the Page Revision History, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim.
Remediation
References
https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-10087
Related Vulnerabilities
CVE-2021-45029 Vulnerability in maven package org.apache.shenyu:shenyu-common
CVE-2023-32068 Vulnerability in maven package org.xwiki.platform:xwiki-platform-url-api
CVE-2021-22112 Vulnerability in maven package org.springframework.security:spring-security-core
CVE-2023-34466 Vulnerability in maven package org.xwiki.platform:xwiki-platform-tag-api
CVE-2022-41249 Vulnerability in maven package com.meowlomo.jenkins:scm-httpclient