Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2021-20293HistoryJun 10, 2021 - 12:15 p.m.
CVE-2021-20293
2021-06-1012:15:00
Debian Security Bug Tracker
security-tracker.debian.org
15
0.001 Low
EPSS
Percentile
36.3%
A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final, where it did not properly handle URL encoding when calling @javax.ws.rs.PathParam without any @Produces MediaType. This flaw allows an attacker to launch a reflected XSS attack. The highest threat from this vulnerability is to data confidentiality and integrity.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 999 | all | resteasy | <= 3.6.2-2 | resteasy_3.6.2-2_all.deb |
| Debian | 12 | all | resteasy3.0 | <= 3.0.26-3 | resteasy3.0_3.0.26-3_all.deb |
| Debian | 11 | all | resteasy3.0 | <= 3.0.26-2 | resteasy3.0_3.0.26-2_all.deb |
| Debian | 10 | all | resteasy3.0 | <= 3.0.26-1 | resteasy3.0_3.0.26-1_all.deb |
| Debian | 999 | all | resteasy3.0 | <= 3.0.26-3 | resteasy3.0_3.0.26-3_all.deb |
Related
redhatcve
redhatcve
CVE-2021-20293
2021-03-25 20:06:28
osv
osv
CVE-2021-20293
2021-06-10 12:15:07
Cross-Site Scripting
2021-06-15 15:59:27
github
github
Cross-Site Scripting
2021-06-15 15:59:27
nvd
nvd
CVE-2021-20293
2021-06-10 12:15:07
veracode
veracode
Cross-Site Scripting (XSS)
2022-05-06 00:42:36
cvelist
cvelist
CVE-2021-20293
2021-06-10 11:09:47
prion
prion
Cross site scripting
2021-06-10 12:15:00
cve
cve
CVE-2021-20293
2021-06-10 12:15:07
ubuntucve
ubuntucve
CVE-2021-20293
2021-06-10 00:00:00
nessus
nessus
RHEL 7 : resteasy (Unpatched Vulnerability)
2024-06-03 00:00:00
RHEL 8 : resteasy (Unpatched Vulnerability)
2024-06-03 00:00:00
redhat
redhat