Is CVE-2022-28732 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Apache Software Foundation Jspwiki

CVE-2022-28732

A carefully crafted request on WeblogPlugin could trigger an XSS vulnerability on Apache JSPWiki, which could allow the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPW…

EPSS: 0.857 (99.7th percentile) — read the EPSS interpretation.

Affected products

Apache Software Foundation Jspwiki — versions Apache JSPWiki

Public proof-of-concept exploits

ARPSyndicate/cve-scores
muneebaashiq/MBProjects

References

jspwiki-wiki.apache.org/Wiki.jsp (x_refsource_MISC)

Frequently asked questions

What is CVE-2022-28732?: CVE-2022-28732 is a vulnerability in Apache Software Foundation Jspwiki. Published 2022-08-04.
Is CVE-2022-28732 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.