Description
Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/plugins.js in the stats page in the Admin UI in Apache Solr before 5.3.1 allows remote attackers to inject arbitrary web script or HTML via the entry parameter to a plugins/cache URI.
Remediation
References
http://www-01.ibm.com/support/docview.wss?uid=swg21975544
https://issues.apache.org/jira/browse/SOLR-7949
Related Vulnerabilities
CVE-2019-1003081 Vulnerability in maven package org.jenkins-ci.plugins:openshift-deployer
CVE-2012-6662 Vulnerability in npm package jquery-ui
CVE-2022-29253 Vulnerability in maven package org.xwiki.platform:xwiki-platform-oldcore
CVE-2021-22160 Vulnerability in maven package org.apache.pulsar:pulsar-broker-common
CVE-2021-23901 Vulnerability in maven package org.apache.nutch:nutch