Jamie Parfet

**Name of the Vulnerable Software and Affected Versions** Apache JSPWiki versions up to 2.10.5 **Description** The issue is related to a lack of protection measures for the web page structure in Apache JSPWiki, based on JSP technology. A carefully crafted URL could trigger a session hijacking issue. Exploitation of this issue may allow a remote attacker to perform a cross-site scripting attack using a specially crafted link. **Recommendations** For Apache JSPWiki versions up to 2.10.5, consider disabling access to potentially vulnerable URLs as a temporary workaround until a patch is available. Restrict access to sensitive areas of the web application to minimize the risk of exploitation.