Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
ApachePluto*

3 matches found

CVE
CVEadded 2020/10/12 5:55 p.m.424 views

CVE-2020-15250

CVE-2020-15250 affects JUnit4 TemporaryFolder information disclosure in Unix-like environments where the system tmp dir is shared among users. Affected: JUnit4 versions before 4.13.1; fixed in 4.13.1 for Java 7+; Java 6 and earlier have no patch. Workarounds include running tests with a dedicated...

5.5CVSS5.2AI score0.00056EPSS
CVE
CVEadded 2022/01/06 8:50 a.m.66 views

CVE-2021-36737

CVE-2021-36737 affects Apache Pluto UrlTestPortlet within the v3-demo-portlet.war. The input fields are vulnerable to Cross-Site Scripting (XSS) due to insufficient input escaping in UrlTestPortlet, enabling injection of script code. The issue is documented across multiple feeds (NVD/Red Hat/CNVD...

6.1CVSS5.9AI score0.0601EPSS
CVE
CVEadded 2022/01/06 8:50 a.m.64 views

CVE-2021-36738

The CVE-2021-36738 entry describes a Cross‑Site Scripting (XSS) vulnerability in the JSP version of the Apache Pluto Applicant MVCBean CDI portlet. The issue arises in input fields and is mitigated by upgrading to version 3.1.1 of the applicant-mvcbean-cdi-jsp-portlet.war artifact. Affected produ...

6.1CVSS5.9AI score0.0601EPSS