Apache Jetspeed-2, a very open and customizable portal platform from the Apache Foundation, is vulnerable to an input validation error that results from Apache Jetspeed-2’s failure to adequately filter untrusted user input by default, which could be exploited by attackers to leading to cross-site scripting, cross-site request forgery, server-side request forgery, and other attacks.
CPE | Name | Operator | Version |
---|---|---|---|
Apache Jetspeed-2 | ge | 2.2.0 |