CVE-2021-36739

CVE-2021-36739: XSS vulnerability in the MVCBean JSP portlet maven archetype

Vendor Apache Software Foundation
Product Apache Portals
Weakness CWE-79 · XSS
Published January 6, 2022
Last update May 22, 2025

CVSS base score

What the vulnerability does

01Description

The "first name" and "last name" fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to Cross-Site Scripting (XSS) attacks.

Key dates

02Disclosure timeline

January 6, 2022 CVE published
May 22, 2025 Record updated