jetspeed-portal is vulnerable to cross-site scripting. The vulnerability exists because the library does not properly filter the untrusted user inputs by default, allowing an attacker to inject and execute malicious javascript
CPE | Name | Operator | Version |
---|---|---|---|
jetspeed-2 portal components | le | 2.3.1 | |
jetspeed-2 portal components | le | 2.3.1 |