org.apache.oodt:oodt-core@0.2 vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the org.apache.oodt:oodt-core package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free
Vulnerability Vulnerable Version
  • M
Cross-site Scripting (XSS)

org.apache.oodt:oodt-core is a new version of Object Oriented Data Technology.

Affected versions of this package vulnerable to Cross-site Scripting (XSS) attacks. The URL is stored 'as is' in the ApplicationRequest object. If shown later in a view, (e.g.: on a 404 page) it may become a vector for an XSS attack.

This is related to SNYK-PYTHON-OODT-40626

[,0.4)