VYPR
Unrated severityNVD Advisory· Published Jul 15, 2019· Updated Aug 4, 2024

CVE-2019-0234

CVE-2019-0234

Description

A Reflected Cross-site Scripting (XSS) vulnerability exists in Apache Roller. Roller's Math Comment Authenticator did not property sanitize user input and could be exploited to perform Reflected Cross Site Scripting (XSS). The mitigation for this vulnerability is to upgrade to the latest version of Roller, which is now Roller 5.2.3.

Affected products

2
  • Apache/Rollerllm-fuzzy
    Range: <5.2.3
  • Apache/Apache Rollerv5
    Range: Roller 5.2

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.