Vulnerability Details : CVE-2022-32533
Apache Jetspeed-2 does not sufficiently filter untrusted user input by default leading to a number of issues including XSS, CSRF, XXE, and SSRF. Setting the configuration option "xss.filter.post = true" may mitigate these issues. NOTE: Apache Jetspeed is a dormant project of Apache Portals and no updates will be provided for this issue
Vulnerability category: Cross site scripting (XSS)Cross-site request forgery (CSRF)XML external entity (XXE) injectionServer-side request forgery (SSRF)
Exploit prediction scoring system (EPSS) score for CVE-2022-32533
1.07%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 84 %
Percentile, the proportion of vulnerabilities that are scored at or less