Intrusion Prevention



This indicates an attack attempt against a Cross Site Scripting vulnerability in Apache Jetspeed .
The vulnerability is due to insufficient validation of user supplied data in the application. A remote attacker can exploit this by tricking an unsuspecting user into visiting a malicious webpage and execute arbitrary script code within context of the target users' browser.

Affected Products

Apache Software Foundation Jetspeed 2.2.0 to 2.2.2
Apache Software Foundation Jetspeed 2.3.0


System Compromise: Remote attackers can execute arbitrary script code within the context of the target user's browser

Recommended Actions

Apply the most recent upgrade or patch from the vendor.

CVE References