0.001 Low
EPSS
Percentile
46.8%
resteasy-jaxrs is vulnerable to cross-site scripting (XSS). The vulnerability exists due to the lack of sanitization of the value of strVal, allowing RESTEASY003870 exceptions be used to execute arbitrary Javascript in a user’s browser.
strVal
RESTEASY003870
bugzilla.redhat.com/show_bug.cgi?id=1814974
github.com/quarkusio/quarkus/issues/7248
github.com/resteasy/Resteasy/commit/caef05ade16fd12c581cbc7177c191b87591757c
github.com/resteasy/Resteasy/pull/2320
issues.redhat.com/browse/RESTEASY-2519
security.netapp.com/advisory/ntap-20210706-0008/