A Reflected Cross-site Scripting (XSS) vulnerability exists in Apache Roller. Roller's Math Comment Authenticator did not property sanitize user input and could be exploited to perform Reflected Cross Site Scripting (XSS). The mitigation for this vulnerability is to upgrade to the latest version of Roller, which is now Roller 5.2.3.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: apache
Published:
Updated: 2024-08-04T17:44:15.970Z
Reserved: 2018-11-14T00:00:00
Link: CVE-2019-0234

No data.

Status : Modified
Published: 2019-07-15T22:15:12.133
Modified: 2024-11-21T04:16:33.563
Link: CVE-2019-0234

No data.