CVE-2016-6348
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in maven/org.jboss.resteasy/resteasy-client
Identifiers
GHSA-9xfc-j5mf-9w5p, CVE-2016-6348
Package Slug
maven/org.jboss.resteasy/resteasy-client
Vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Description
JacksonJsonpInterceptor in RESTEasy might allow remote attackers to conduct a cross-site script inclusion (XSSI) attack.
Affected Versions
All versions after 3.0.20 before 3.1.0
Solution
Unfortunately, there is no solution available yet.
Last Modified
2022-06-21
| source |