[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":17,"vulnerability-17344":24},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},["Island",18],{"key":19,"params":20,"result":22},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":21},"{\"text-color\":\"gray\"}",{"head":23},{},{"id":25,"detectable_with":26,"vuln_details":33,"vuln_id":52,"name":53,"published":54,"updated":34},17344,{"tool":27,"engine":30},{"id":28,"name":29},1,"Network Scanner",{"id":31,"name":32},3,"OpenVAS",{"id":25,"codename":34,"description":34,"severity":35,"risk_description":36,"public_description":37,"public_recommendation":38,"recommendation":34,"references":39,"cvssv3":42,"epss_score":43,"epss_percentile":44,"cve":45,"in_cisa_catalog":51,"date":34,"software_type":34,"vendor":34,"product":34,"ptt_exploit_capabilities":34},null,"high","Multiple flaws exist due to: - An improper validation of file names before writing them to disk in Import/Export function in the Portal Site Manager. - An authorization flaw in jetspeed user manager services. - An insufficient validation of user and role parameters in jetspeed User Manager service. - An error in the URI path directory after /portal. - Some errors in the functionality to add a link, page, or folder. Successful exploitation will allow remote attackers to obtain potentially sensitive information, and allows to upload arbitrary files, also causes sql injection.","Apache Jetspeed is prone to multiple vulnerabilities.","Upgrade to Apache Jetspeed version 2.3.1",[40,41],"https://portals.apache.org/jetspeed-2/security-reports.html","https://portals.apache.org/jetspeed-2/download.html",7.5,0.7922,0.99063,[46,47,48,49,50],"CVE-2016-0709","CVE-2016-0710","CVE-2016-0711","CVE-2016-0712","CVE-2016-2171",false,"NETSCAN-OPENVAS-1.3.6.1.4.1.25623.1.0.807648","Apache Jetspeed Multiple Vulnerabilities (Mar 2016)","2018-01-02T00:00:00Z"]