Apache Roller versions 4.0.0 through 4.0.1 and 5.0 suffer from a cross site request forgery vulnerability.
4763bc6a74cffbb8c4a98ebfd85497d4c135a0229565573c11711bb32366736c
Apache Roller versions 4.0.0 through 4.0.1 and 5.0 suffer from a cross site scripting vulnerability.
2a3ef283fa2c44950937510f6450a29a58cbf100742cf9efd1a746297da0ed8a