CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

Veracode•added 2022/01/10 3:29 a.m.•19 views

Cross-site Scripting (XSS)

mvcbean-jsp-portlet-archetype is vulnerable to cross-site scripting. The library does not properly escape the user input firstName and lastName parameters in greeting.jspx, allowing an attacker to inject and execute malicious javascript...

6.1CVSS4.9AI score0.0601EPSS

Exploits0References3Affected Software1

OSV•added 2022/01/08 12:46 a.m.•17 views

GHSA-3QP6-M7HP-JRWF Cross-site Scripting in Apache Pluto

The "first name" and "last name" fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to Cross-Site Scripting XSS attacks...

6.1CVSS5.9AI score0.0601EPSS

Exploits0References3

Github Security Blog•added 2022/01/08 12:46 a.m.•32 views

Cross-site Scripting in Apache Pluto

The "first name" and "last name" fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to Cross-Site Scripting XSS attacks...

6.1CVSS5.7AI score0.0601EPSS

Exploits0References3Affected Software1

OSV•added 2022/01/06 9:15 a.m.•7 views

CVE-2021-36739

The "first name" and "last name" fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to Cross-Site Scripting XSS attacks...

6.1CVSS5.8AI score0.0601EPSS

Exploits0References1

Vulnrichment•added 2022/01/06 8:50 a.m.•8 views

CVE-2021-36739 XSS vulnerability in the MVCBean JSP portlet maven archetype

The "first name" and "last name" fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to Cross-Site Scripting XSS attacks...

5.9AI score0.0601EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by