The "first name" and "last name" fields of the Apache Pluto 3.1.0 MVCBean JSP portlet maven archetype are vulnerable to Cross-Site Scripting (XSS) attacks.
Severity: moderate
Description:
The "first name" and "last name" fields of the Apache Pluto 310 MVCBean
JSP portlet maven archetype are vulnerable to Cross-Site Scripting (XSS)
attacks
Mitigation:
If a project was generated from the affected maven archetype using a
command like the following:
mvn archetype:generate \
-DarchetypeGroupId ...