0.095 Low
EPSS
Percentile
94.8%
Cross-site scripting (XSS) vulnerability in Apache Jetspeed before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to portal.
mail-archives.apache.org/mod_mbox/portals-jetspeed-user/201603.mbox/%[email protected]%3E
nvd.nist.gov/vuln/detail/CVE-2016-0712
portals.apache.org/jetspeed-2/security-reports.html#CVE-2016-0712