Lucene search
China National Vulnerability DatabaseCNVD-2022-70611HistoryJul 08, 2022 - 12:00 a.m.
Apache Jetspeed-2 Input Validation Error Vulnerability
2022-07-0800:00:00
China National Vulnerability Database
www.cnvd.org.cn
7
0.011 Low
EPSS
Percentile
84.2%
Apache Jetspeed-2, a very open and customizable portal platform from the Apache Foundation, is vulnerable to an input validation error that results from Apache Jetspeed-2’s failure to adequately filter untrusted user input by default, which could be exploited by attackers to leading to cross-site scripting, cross-site request forgery, server-side request forgery, and other attacks.
| CPE | Name | Operator | Version |
|---|---|---|---|
| Apache Jetspeed-2 | ge | 2.2.0 |
Related
veracode
veracode
Cross-site Scripting (XSS)
2022-07-07 04:39:55
osv
osv
Insufficient user input in Apache Jetspeed-2
2022-07-07 00:00:28
prion
prion
Design/Logic Flaw
2022-07-06 10:15:00
nvd
nvd
CVE-2022-32533
2022-07-06 10:15:09
github
github
Insufficient user input in Apache Jetspeed-2
2022-07-07 00:00:28
cve
cve
CVE-2022-32533
2022-07-06 10:15:09
cvelist
cvelist
CVE-2022-32533 Apache Portals Jetspeed XSS, CSRF, SSRF, and XXE issues
2022-07-06 09:40:12