Apache: >> Jetspeed >> 2.3.1 Security Vulnerabilities
Apache Jetspeed-2 does not sufficiently filter untrusted user input by default leading to a number of issues including XSS, CSRF, XXE, and SSRF. Setting the configuration option "xss.filter.post = true" may mitigate these issues. NOTE: Apache Jetspeed is a dormant project of Apache Portals and no updates will be provided for this issue
CVSS Score
9.8
EPSS Score
0.116
Published
2022-07-06