CVE-2019-0225

Name of the Vulnerable Software and Affected Versions: Apache JSPWiki versions 2.9.0 through 2.11.0.M2

Description: A specially crafted URL could be used to access files under the ROOT directory of the application, potentially allowing an attacker to obtain registered users' details.

Recommendations: For Apache JSPWiki versions 2.9.0 through 2.11.0.M2, consider restricting access to sensitive files and directories under the ROOT directory until a patch is available. As a temporary workaround, limit the information stored in accessible files to minimize the risk of data exposure.