3 matches found
CVE-2021-36737
The input fields of the Apache Pluto UrlTestPortlet are vulnerable to Cross-Site Scripting XSS attacks. Users should migrate to version 3.1.1 of the v3-demo-portlet.war artifact...
CVE-2021-36737 XSS in V3 Demo Portlet
The input fields of the Apache Pluto UrlTestPortlet are vulnerable to Cross-Site Scripting XSS attacks. Users should migrate to version 3.1.1 of the v3-demo-portlet.war artifact...
CVE-2021-36737
CVE-2021-36737 affects Apache Pluto UrlTestPortlet within the v3-demo-portlet.war. The input fields are vulnerable to Cross-Site Scripting (XSS) due to insufficient input escaping in UrlTestPortlet, enabling injection of script code. The issue is documented across multiple feeds (NVD/Red Hat/CNVD...