Medium severity6.1NVD Advisory· Published Feb 15, 2016· Updated May 6, 2026
CVE-2015-8797
CVE-2015-8797
Description
Cross-site scripting (XSS) vulnerability in webapp/web/js/scripts/plugins.js in the stats page in the Admin UI in Apache Solr before 5.3.1 allows remote attackers to inject arbitrary web script or HTML via the entry parameter to a plugins/cache URI.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
org.apache.solr:solr-coreMaven | < 5.3.1 | 5.3.1 |
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4- github.com/advisories/GHSA-v6gf-x8fp-532vghsaADVISORY
- issues.apache.org/jira/browse/SOLR-7949nvdVendor AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2015-8797ghsaADVISORY
- www-01.ibm.com/support/docview.wssnvdWEB
News mentions
0No linked articles in our index yet.