CNNVD-202507-3877 Information

CNNVD ID

CNNVD-202507-3877

Related CVE

CVE-2025-24854

• CNNVD Published: 2025-07-31

Description (Chinese)

Apache JSPWiki是美国阿帕奇（Apache）基金会的一款基于Java、Servlet和JSP构建的开源WikiWiki引擎。 Apache JSPWiki存在安全漏洞，该漏洞源于Image插件未正确处理请求，可能导致跨站脚本攻击。

Description (English)

Apache JSSPWiki is an open-source Wiki engine based on Java, Servlet and JSP of the Apache Foundation. There is a security gap in Apache JSSPWiki, which stems from the incorrect handling of requests by the Image plugin, which could lead to a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

阿帕奇

Published

2025-07-31

Last Modified

2026-02-24

References

https://jspwiki-wiki.apache.org/Wiki.jsp?page=CVE-2025-24854 https://access.redhat.com/security/cve/cve-2025-24854

Patch

https://jspwiki-wiki.apache.org/Wiki.jsp?page=Downloads