CVE-2022-37724

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in maven/wonder/wonder

Identifiers

GHSA-xv7r-9vq4-9wrq, CVE-2022-37724

Package Slug

maven/wonder/wonder

Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Description

Project Wonder WebObjects 1.0 through 5.4.3 is vulnerable to Arbitrary HTTP Header injection and URL- or Header-based XSS reflection in all web-server adaptor interfaces.

Affected Versions

All versions starting from 1.0 up to 5.4.3

Solution

Unfortunately, there is no solution available yet.

Last Modified

2022-09-19

source