CVE-2019-0186
Apache Pluto Chat Room Demo Portlet vulnerability CVE-2019-0186 is a Cross-Site Scripting (XSS) issue in versions 3.0.0 and 3.0.1. Attackers can inject HTML into the Name/Message fields, which is reflected in the page. Mitigation: uninstall the ChatRoomDemo WAR or upgrade to version 3.1.0. No exp...