Lucene search
K

8 matches found

Veracode
Veracode
added 2022/01/10 3:29 a.m.21 views

Cross-site Scripting (XSS)

mvcbean-jsp-portlet-archetype is vulnerable to cross-site scripting. The library does not properly escape the user input firstName and lastName parameters in greeting.jspx, allowing an attacker to inject and execute malicious javascript...

6.1CVSS4.9AI score0.02327EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/01/08 12:46 a.m.17 views

GHSA-3QP6-M7HP-JRWF Cross-site Scripting in Apache Pluto

The "first name" and "last name" fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to Cross-Site Scripting XSS attacks...

6.1CVSS5.9AI score0.02327EPSS
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/01/08 12:46 a.m.34 views

Cross-site Scripting in Apache Pluto

The "first name" and "last name" fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to Cross-Site Scripting XSS attacks...

6.1CVSS5.7AI score0.02327EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/01/06 9:15 a.m.5 views

CVE-2021-36738

The input fields in the JSP version of the Apache Pluto Applicant MVCBean CDI portlet are vulnerable to Cross-Site Scripting XSS attacks. Users should migrate to version 3.1.1 of the applicant-mvcbean-cdi-jsp-portlet.war artifact...

6.1CVSS6.4AI score0.02327EPSS
Exploits0References1
NVD
NVD
added 2022/01/06 9:15 a.m.41 views

CVE-2021-36739

The "first name" and "last name" fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to Cross-Site Scripting XSS attacks...

6.1CVSS0.02327EPSS
Exploits0References1
Prion
Prion
added 2022/01/06 9:15 a.m.13 views

Cross site scripting

The "first name" and "last name" fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to Cross-Site Scripting XSS attacks...

4.3CVSS5.9AI score0.02327EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/01/06 8:50 a.m.8 views

CVE-2021-36739 XSS vulnerability in the MVCBean JSP portlet maven archetype

The "first name" and "last name" fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to Cross-Site Scripting XSS attacks...

5.9AI score0.02327EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/01/06 12:0 a.m.6 views

Apache Pluto 跨站脚本漏洞

A cross-site scripting vulnerability exists in the Apache Pluto Applicant MVCBean CDI portlet, which stems from the Apache Pluto Applicant MVCBean CDI runtime environment. portlet is vulnerable to cross-site scripting XSS attacks in the input fields of the JSP version of the portlet. No details o...

6.1CVSS5.1AI score0.02327EPSS
Exploits0References3
Rows per page
Query Builder