Description
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the plain editor, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim.
Remediation
References
https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-10090
Related Vulnerabilities
CVE-2023-50779 Vulnerability in maven package com.cloudtp.jenkins:paaslane-estimate
CVE-2023-2631 Vulnerability in maven package org.jenkins-ci.plugins:codedx
CVE-2023-34659 Vulnerability in maven package org.jeecgframework.boot:jeecg-boot-parent
CVE-2013-6397 Vulnerability in maven package org.apache.solr:solr-core