Vulnerabilities > Apache > Velocity Tools > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-10 | CVE-2020-13959 | Cross-site Scripting vulnerability in multiple products The default error page for VelocityView in Apache Velocity Tools prior to 3.1 reflects back the vm file that was entered as part of the URL. | 6.1 |