Maven/Org.apache.portals.pluto/Pluto-Portal

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The input fields of the Apache Pluto UrlTestPortlet are vulnerable to Cross-Site Scripting (XSS) attacks. Users should migrate to version 3.1.1 of the v3-demo-portlet.war artifact

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The input fields in the JSP version of the Apache Pluto Applicant MVCBean CDI portlet are vulnerable to Cross-Site Scripting (XSS) attacks. Users should migrate to version 3.1.1 of the applicant-mvcbean-cdi-jsp-portlet.war artifact

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

The "first name" and "last name" fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to Cross-Site Scripting (XSS) attacks.

Advisories for Maven/Org.apache.portals.pluto/Pluto-Portal package