Apache · Apache Jspwiki · CVE-2022-46907
**Name of the Vulnerable Software and Affected Versions**
Apache JSPWiki versions prior to 2.12.0
**Description**
A carefully crafted request on several JSPWiki plugins could trigger an issue that allows the attacker to execute javascript in the victim's browser and get some sensitive information about the victim.
**Recommendations**
For versions prior to 2.12.0, upgrade to 2.12.0 or later.