Lucene search
Veracode Vulnerability DatabaseVERACODE:22755HistoryMar 20, 2020 - 6:20 a.m.
Cross-Site Scripting (XSS)
2020-03-2006:20:39
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
EPSS
0.002
Percentile
54.9%
deltaspike is vulnerable to cross-site scripting (XSS). A remote attacker is able to inject and execute arbitrary Javascript in a user’s browser via the dswid parameter and the URL.
References
issues.apache.org/jira/browse/DELTASPIKE-1389
issues.apache.org/jira/browse/DELTASPIKE-1401
lists.apache.org/thread.html/r848d7d4c0bf637da55f01103eb8ba0fce344c295fda53264cbaa1568@%3Ccommits.camel.apache.org%3E
lists.apache.org/thread.html/r8f327712b2b07f867fde1e77cbafcf8cc6a3facaa693ffdd2c3285e3%40%3Cdev.deltaspike.apache.org%3E
Related
cve
cve
CVE-2019-12416
2020-03-19 15:15:12
nvd
nvd
CVE-2019-12416
2020-03-19 15:15:12
osv
osv
Injection in DeltaSpike
2022-02-10 20:54:31
CVE-2019-12416
2020-03-19 15:15:12
github
github
Injection in DeltaSpike
2022-02-10 20:54:31
prion
prion
Design/Logic Flaw
2020-03-19 15:15:00
cvelist
cvelist
CVE-2019-12416
2020-03-19 14:48:52