2 matches found
CVE-2015-2944
Multiple cross-site scripting XSS vulnerabilities in Apache Sling API before 2.2.2 and Apache Sling Servlets Post before 2.1.2 allow remote attackers to inject arbitrary web script or HTML via the URI, related to 1 org/apache/sling/api/servlets/HtmlResponse and 2...
CVE-2015-2944
This CVE refers to cross-site scripting vulnerabilities in Apache Sling components. Affected software: Apache Sling API (prior to 2.2.2) and Apache Sling Servlets Post (prior to 2.1.2). Vulnerable element: URI handling in HtmlResponse implementations (org.apache.sling.api.servlets.HtmlResponse an...