Security Advisory

CVE-2021-36738

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-01-06 08:50:15

Last updated 2024-08-04 01:01:59

Assigner apache

State PUBLISHED

Description

The input fields in the JSP version of the Apache Pluto Applicant MVCBean CDI portlet are vulnerable to Cross-Site Scripting (XSS) attacks. Users should migrate to version 3.1.1 of the applicant-mvcbean-cdi-jsp-portlet.war artifact

← Browse all CVEs View on cve.org ↗