The input fields of the Apache Pluto UrlTestPortlet are vulnerable to Cross-Site Scripting (XSS) attacks. Users should migrate to version 3.1.1 of the v3-demo-portlet.war artifact
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: apache

Published: 2022-01-06T08:50:13

Updated: 2024-08-04T01:01:58.974Z

Reserved: 2021-07-14T00:00:00

Link: CVE-2021-36737

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-01-06T09:15:07.117

Modified: 2024-11-21T06:13:59.230

Link: CVE-2021-36737

cve-icon Redhat

No data.