Security Advisory
CVE-2016-0711
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
Multiple cross-site scripting (XSS) vulnerabilities in Apache Jetspeed before 2.3.1 allow remote attackers to inject arbitrary web script or HTML via the title parameter when adding a (1) link, (2) page, or (3) folder resource.