The "first name" and "last name" fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to Cross-Site Scripting (XSS) attacks.
References
Link | Resource |
---|---|
https://lists.apache.org/thread/m5j87nn1lmvzp8b9lmh7gqq68g5lnb7p | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: apache
Published: 2022-01-06T08:50:16
Updated: 2022-01-06T08:50:16
Reserved: 2021-07-14T00:00:00
Link: CVE-2021-36739
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-01-06T09:15:07.327
Modified: 2022-01-12T14:51:21.543
Link: CVE-2021-36739
JSON object: View
Redhat Information
No data.
CWE