Description

Cross-site scripting (XSS) vulnerability in the default exception handler in RESTEasy allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

https://bugzilla.redhat.com/show_bug.cgi?id=1372124

http://www.securityfocus.com/bid/92759

Related Vulnerabilities

CVE-2020-36641 Vulnerability in maven package fr.turri:axmlrpc

CVE-2020-6467 Vulnerability in maven package org.webjars.npm:electron

CVE-2022-35949 Vulnerability in maven package org.webjars.npm:undici

CVE-2020-28424 Vulnerability in npm package s3-kilatstorage

CVE-2022-0341 Vulnerability in npm package vditor

Severity

High

Classification

CWE-79 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Issue Tracking Third Party Advisory VDB Entry