Severity: low Description:
The input fields of the Apache Pluto UrlTestPortlet are vulnerable to Cross-Site Scripting (XSS) attacks. Users should migrate to version 3.1.1 of the v3-demo-portlet.war artifact Mitigation: * Uninstall the v3-demo-portlet.war artifact -or- * Migrate to version 3.1.1 of the v3-demo-portlet.war artifact Credit: Thanks to Dhiraj Mishra for reporting.