Lucene search
DwfCVELIST:CVE-2019-1010199HistoryJul 23, 2019 - 5:17 p.m.
CVE-2019-1010199
2019-07-2317:17:14
dwf
www.cve.org
3
EPSS
0.001
Percentile
31.7%
ServiceStack ServiceStack Framework 4.5.14 is affected by: Cross Site Scripting (XSS). The impact is: JavaScrpit is reflected in the server response, hence executed by the browser. The component is: the query used in the GET request is prone. The attack vector is: Since there is no server-side validation and If Browser encoding is bypassed, the victim is affected when opening a crafted URL. The fixed version is: 5.2.0.
CNA Affected
[
{
"product": "ServiceStack Framework",
"vendor": "ServiceStack",
"versions": [
{
"status": "affected",
"version": "4.5.14 [fixed: 5.2.0]"
}
]
}
]Related
veracode
veracode
Cross-Site Scripting (XSS)
2021-07-13 06:57:05
cve
cve
CVE-2019-1010199
2019-07-23 18:15:14
osv
osv
Cross site scripting attack in ServiceStack Framework
2022-05-24 22:00:16
CVE-2019-1010199
2019-07-23 18:15:14
nvd
nvd
CVE-2019-1010199
2019-07-23 18:15:14
github
github
Cross site scripting attack in ServiceStack Framework
2022-05-24 22:00:16
prion
prion
Cross site scripting
2019-07-23 18:15:00