Back to directory
WRITEUP #2930

CVE-2022-24948: Apache JSPWiki preauth Stored XSS to ATO

XSSStored XSSAccount takeover
by@PaulosYibelo(Paulos Yibelo)
Program
Apache
Published
Mar 2, 2022
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://octagon.net/blog/2022/03/02/apache-jspwiki-preauth-xss-to-ato/
RELATED WRITEUPS
Self-XSS to ATO via Site Features
XSSSelf-XSS
Stored XSS in LibreOffice
XSSStored XSS
Persistent XSS on Microsoft Bing.com by poisoning Bingbot indexing
XSSStored XSS
Canary Token OSS Security Audit Report (Q2 2024)
XSSDoS
Type confusion attacks in ProseMirror editors
XSSType confusion

Built with ❤️ by Shubham Rawat