Количество 2
Количество 2
CVE-2022-32533
Apache Jetspeed-2 does not sufficiently filter untrusted user input by default leading to a number of issues including XSS, CSRF, XXE, and SSRF. Setting the configuration option "xss.filter.post = true" may mitigate these issues. NOTE: Apache Jetspeed is a dormant project of Apache Portals and no updates will be provided for this issue
GHSA-h975-r69h-4w9p
Insufficient user input in Apache Jetspeed-2
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2022-32533 Apache Jetspeed-2 does not sufficiently filter untrusted user input by default leading to a number of issues including XSS, CSRF, XXE, and SSRF. Setting the configuration option "xss.filter.post = true" may mitigate these issues. NOTE: Apache Jetspeed is a dormant project of Apache Portals and no updates will be provided for this issue | CVSS3: 9.8 | 12% Средний | больше 3 лет назад |
| GHSA-h975-r69h-4w9p Insufficient user input in Apache Jetspeed-2 | CVSS3: 9.8 | 12% Средний | больше 3 лет назад |
Уязвимостей на страницу