CVE-2021-36739
XSS vulnerability in the MVCBean JSP portlet maven archetype
The "first name" and "last name" fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to Cross-Site Scripting (XSS) attacks.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected products
Apache Software Foundation · Apache PortalsWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →