Description
On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki, related to the Page Revision History, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim.
Remediation
References
https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2019-10087
Related Vulnerabilities
CVE-2018-6341 Vulnerability in maven package org.webjars.bowergithub.vuejs:vue
CVE-2018-1261 Vulnerability in maven package org.springframework.integration:spring-integration-zip
CVE-2011-0509 Vulnerability in maven package com.vaadin:vaadin
CVE-2021-42697 Vulnerability in maven package com.typesafe.akka:akka-http-core
CVE-2023-37956 Vulnerability in maven package org.jenkins-ci.plugins:test-results-aggregator