0.001 Low
EPSS
Percentile
46.8%
A cross-site scripting (XSS) flaw was found in RESTEasy, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack.
bugzilla.redhat.com/show_bug.cgi?id=1814974
github.com/quarkusio/quarkus/issues/7248
issues.redhat.com/browse/RESTEASY-2519
nvd.nist.gov/vuln/detail/CVE-2020-10688
www.cve.org/CVERecord?id=CVE-2020-10688