Description
JacksonJsonpInterceptor in RESTEasy might allow remote attackers to conduct a cross-site script inclusion (XSSI) attack.
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=1372129
Related Vulnerabilities
CVE-2018-20059 Vulnerability in maven package ro.pippo:pippo-jaxb
CVE-2018-14627 Vulnerability in maven package org.wildfly:wildfly-feature-pack
CVE-2022-45693 Vulnerability in maven package org.codehaus.jettison:jettison
CVE-2021-44906 Vulnerability in maven package org.webjars.npm:minimist
CVE-2020-14340 Vulnerability in maven package org.jboss.xnio:xnio-api