Lucene search
Veracode Vulnerability DatabaseVERACODE:33556HistoryJan 07, 2022 - 10:36 a.m.
Cross-site Scripting (XSS)
2022-01-0710:36:43
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.002 Low
EPSS
Percentile
56.7%
org.apache.portals.pluto.demo:v3-demo-portlet is vulnerable to cross-site scripting (XSS). The library does not properly escape the user input parameters in UrlTestPortlet, allowing a remote attacker to inject and execute malicious javascript.
| CPE | Name | Operator | Version |
|---|---|---|---|
| v3-demo-portlet | eq | 3.1.0 | |
| v3-demo-portlet | eq | 3.1.0 |
Related
cvelist
cvelist
CVE-2021-36737 XSS in V3 Demo Portlet
2022-01-06 08:50:13
osv
osv
Cross-site Scripting in Apache Pluto
2022-01-08 00:46:20
nvd
nvd
CVE-2021-36737
2022-01-06 09:15:07
prion
prion
Cross site scripting
2022-01-06 09:15:00
github
github
Cross-site Scripting in Apache Pluto
2022-01-08 00:46:20
cve
cve
CVE-2021-36737
2022-01-06 09:15:07
cnvd
cnvd
Apache Pluto Cross-Site Scripting Vulnerability (CNVD-2022-02486)
2022-01-10 00:00:00