Apache · Apache Jspwiki · CVE-2024-27136
**Name of the Vulnerable Software and Affected Versions**
Apache JSPWiki versions prior to 2.12.2
**Description**
The issue allows an attacker to execute javascript in the victim's browser and obtain sensitive information about the victim through a cross-site scripting (XSS) attack in the Upload page.
**Recommendations**
For Apache JSPWiki versions prior to 2.12.2, upgrade to 2.12.2 or later to resolve the issue.