Description
A carefully crafted request on XHRHtml2Markup.jsp could trigger an XSS vulnerability on Apache JSPWiki up to and including 2.11.2, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim.
Remediation
References
https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2022-28732
Related Vulnerabilities
CVE-2022-43435 Vulnerability in maven package org.jenkins-ci.plugins.plugin:fireline
CVE-2023-30542 Vulnerability in npm package @openzeppelin/contracts
CVE-2017-11481 Vulnerability in npm package kibana
CVE-2011-3375 Vulnerability in maven package org.apache.tomcat:catalina
CVE-2023-37960 Vulnerability in maven package io.jenkins.plugins:mathworks-polyspace