2 matches found
CVE-2021-36738 XSS vulnerability in the JSP version of the Apache Pluto Applicant MVCBean CDI portlet
The input fields in the JSP version of the Apache Pluto Applicant MVCBean CDI portlet are vulnerable to Cross-Site Scripting XSS attacks. Users should migrate to version 3.1.1 of the applicant-mvcbean-cdi-jsp-portlet.war artifact...
CVE-2021-36738
The CVE-2021-36738 entry describes a Cross‑Site Scripting (XSS) vulnerability in the JSP version of the Apache Pluto Applicant MVCBean CDI portlet. The issue arises in input fields and is mitigated by upgrading to version 3.1.1 of the applicant-mvcbean-cdi-jsp-portlet.war artifact. Affected produ...