Apache · Apache Jetspeed-2 · CVE-2022-32533
**Name of the Vulnerable Software and Affected Versions**
Apache Jetspeed-2 (affected versions not specified)
**Description**
The issue arises from insufficient filtering of untrusted user input by default, leading to problems such as XSS, CSRF, XXE, and SSRF. Setting the configuration option `xss.filter.post = true` may help mitigate these issues. It's noted that Apache Jetspeed is a dormant project of Apache Portals, and no updates will be provided for this issue.
**Recommendations**
As a temporary workaround, consider setting the configuration option `xss.filter.post = true` to mitigate the issues.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.