Pluto@* Security Vulnerabilities and Issues — Pluto@* CVE List

Lucene search

ApachePluto*

3 matches found

CVE•added 2020/10/12 6:15 p.m.•385 views

CVE-2020-15250

In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this dir...

5.5CVSS5.2AI score0.00056EPSS

CVE•added 2022/01/06 9:15 a.m.•51 views

CVE-2021-36737

The input fields of the Apache Pluto UrlTestPortlet are vulnerable to Cross-Site Scripting (XSS) attacks. Users should migrate to version 3.1.1 of the v3-demo-portlet.war artifact

6.1CVSS5.9AI score0.15929EPSS

CVE•added 2022/01/06 9:15 a.m.•49 views

CVE-2021-36738

The input fields in the JSP version of the Apache Pluto Applicant MVCBean CDI portlet are vulnerable to Cross-Site Scripting (XSS) attacks. Users should migrate to version 3.1.1 of the applicant-mvcbean-cdi-jsp-portlet.war artifact

6.1CVSS5.9AI score0.15929EPSS