Description
JacksonJsonpInterceptor in RESTEasy might allow remote attackers to conduct a cross-site script inclusion (XSSI) attack.
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=1372129
Related Vulnerabilities
CVE-2023-36478 Vulnerability in maven package org.eclipse.jetty:jetty-http
CVE-2016-3737 Vulnerability in maven package org.rhq:rhq-enterprise-comm
CVE-2020-1698 Vulnerability in maven package org.keycloak:keycloak-authz-client
CVE-2018-16487 Vulnerability in maven package org.fujion.webjars:lodash
CVE-2023-2422 Vulnerability in maven package org.keycloak:keycloak-services