Is CVE-2022-28730 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Apache Software Foundation Jspwiki

CVE-2022-28730

A carefully crafted request on AJAXPreview.jsp could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. This vul…

EPSS: 0.857 (99.7th percentile) — read the EPSS interpretation.

Affected products

Apache Software Foundation Jspwiki — versions Apache JSPWiki

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

jspwiki-wiki.apache.org/Wiki.jsp (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-28730?: CVE-2022-28730 is a vulnerability in Apache Software Foundation Jspwiki. Published 2022-08-04.
Is CVE-2022-28730 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.