CVE-2021-36737

The input fields of the Apache Pluto UrlTestPortlet are vulnerable to Cross-Site Scripting XSS attacks. Users should migrate to version 3.1.1 of the v3-demo-portlet.war artifact...

Apache Pluto Cross-Site Scripting Vulnerability (CNVD-2022-02486)

A cross-site scripting vulnerability exists in Apache Pluto UrlTestPortlet, the Apache Foundation's runtime environment for a set of Portlet containers, which stems from the fact that the input fields of Apache Pluto UrlTestPortlet are vulnerable to cross-site scripting XSS attack. No details of...

CVE-2021-36737

The input fields of the Apache Pluto UrlTestPortlet are vulnerable to Cross-Site Scripting XSS attacks. Users should migrate to version 3.1.1 of the v3-demo-portlet.war artifact...

CVE-2021-36737

The input fields of the Apache Pluto UrlTestPortlet are vulnerable to Cross-Site Scripting XSS attacks. Users should migrate to version 3.1.1 of the v3-demo-portlet.war artifact...

CVE-2021-36737

CVE-2021-36737 affects Apache Pluto UrlTestPortlet within the v3-demo-portlet.war. The input fields are vulnerable to Cross-Site Scripting (XSS) due to insufficient input escaping in UrlTestPortlet, enabling injection of script code. The issue is documented across multiple feeds (NVD/Red Hat/CNVD...

Apache Pluto 跨站脚本漏洞

A cross-site scripting vulnerability exists in Apache Pluto UrlTestPortlet, the Apache Foundation's runtime environment for a set of Portlet containers, which stems from the fact that the input fields of Apache Pluto UrlTestPortlet are vulnerable to cross-site scripting XSS attack. No details of...