0.001 Low
EPSS
Percentile
23.5%
flow-server is vulnerable to remote code execution. The vulnerability exists due to a the system not escaping the " character when passing request via DevModeHandlerImpl.
"
DevModeHandlerImpl
github.com/vaadin/flow/pull/11099
vaadin.com/security/cve-2021-33604