org.apache.portals.jetspeed-2:app-servers (>=2.1.3 <=2.1.4), org.apache.portals.jetspeed-2:applications (>=2.1.3 <=2.1.4) +35 more potentially affected by CVE-2016-0711 via org.apache.portals.jetspeed-2:jetspeed-commons (>=2.1.3 <=2.3.0)

org.apache.portals.jetspeed-2:jetspeed-commons MAVEN version =2.1.3, =2.1.3, =2.1.3, =2.1.3, =2.1.3, =2.1.3, =2.1.3, =2.1.3, =2.1.3, =2.1.3, =2.2.1, =2.1.3, =2.1.3, =2.1.3, =2.1.3, =2.1.3, =2.3.0 and more Source cves: CVE-2016-0711 Source advisory: OSV:GHSA-5PGM-9G57-3WC7...

Security Bulletin: Multiple Security Vulnerabilities in Jetspeed Affect IBM Sterling B2B Integrator

Summary There are multiple security vulnerabilities in Jetspeed that affect IBM Sterling B2B Integrator Vulnerability Details CVEID: CVE-2016-0711 DESCRIPTION: Apache Jetspeed is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the add a link, page, or...

CVE-2016-0711

Apache Jetspeed is vulnerable to cross-site scripting via the title field when adding a link, page, or folder, due to insufficient validation of user input. A remote attacker could inject scripts into pages viewed by users, potentially executing in the browser and, per IBM advisory, may enable th...