Apache Jetspeed
By the Year
In 2024 there have been 0 vulnerabilities in Apache Jetspeed . Jetspeed did not have any published security vulnerabilities last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2024 | 0 | 0.00 |
2023 | 0 | 0.00 |
2022 | 1 | 9.80 |
2021 | 0 | 0.00 |
2020 | 0 | 0.00 |
2019 | 0 | 0.00 |
2018 | 0 | 0.00 |
It may take a day or so for new Jetspeed vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Apache Jetspeed Security Vulnerabilities
Apache Jetspeed-2 does not sufficiently filter untrusted user input by default leading to a number of issues including XSS
CVE-2022-32533
9.8 - Critical
- July 06, 2022
Apache Jetspeed-2 does not sufficiently filter untrusted user input by default leading to a number of issues including XSS, CSRF, XXE, and SSRF. Setting the configuration option "xss.filter.post = true" may mitigate these issues. NOTE: Apache Jetspeed is a dormant project of Apache Portals and no updates will be provided for this issue
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Apache Jetspeed or by Apache? Click the Watch button to subscribe.