Severity: moderate Description:
The input fields in the JSP version of the Apache Pluto Applicant MVCBean CDI portlet are vulnerable to Cross-Site Scripting (XSS) attacks. Users should migrate to version 3.1.1 of the applicant-mvcbean-cdi-jsp-portlet.war artifact Mitigation: * Uninstall the applicant-mvcbean-cdi-jsp-portlet.war artifact -or- * Migrate to version 3.1.1 of the applicant-mvcbean-cdi-jsp-portlet.war artifact
