CVE-2016-6348

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in maven/org.jboss.resteasy/resteasy-client

Identifiers

GHSA-9xfc-j5mf-9w5p, CVE-2016-6348

Package Slug

maven/org.jboss.resteasy/resteasy-client

Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Description

JacksonJsonpInterceptor in RESTEasy might allow remote attackers to conduct a cross-site script inclusion (XSSI) attack.

Affected Versions

All versions after 3.0.20 before 3.1.0

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-06-21

source