cvelist Redhat CVELIST:CVE-2021-20293
History: Jun 10, 2021 - 11:09 a.m.

CVE-2021-20293

2021-06-10 11:09:47
CWE-79
redhat
www.cve.org

EPSS: 0.001 Low
Percentile: 36.3%

A reflected Cross-Site Scripting (XSS) flaw was found in all versions of RESTEasy up to 4.6.0.Final, where it did not properly handle URL encoding when calling @javax.ws.rs.PathParam without any @Produces MediaType. This flaw allows an attacker to launch a reflected XSS attack. The highest threat from this vulnerability is to data confidentiality and integrity.

CNA Affected

[
  {
    "product": "RESTEasy",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "All versions of RESTEasy up to 4.6.0.Final"
      }
    ]
  }
]
