Moderate severity vulnerability that affects org.grails.plugins:fields and org.grails:grails-core

2018-10-1916:46:01

Google

osv.dev

0.001 Low

EPSS

Percentile

33.1%

JSON

Grails Fields plugin version 2.2.7 contains a Cross Site Scripting (XSS) vulnerability in Using the display tag that can result in XSS . This vulnerability appears to have been fixed in 2.2.8.

CPENameOperatorVersion
org.grails:grails-coreeq2.0.4
org.grails:grails-coreeq1.1.2
org.grails:grails-coreeq3.2.0.RC1
org.grails:grails-coreeq3.2.11
org.grails:grails-coreeq2.5.6
org.grails:grails-coreeq3.2.8
org.grails:grails-coreeq2.5.1
org.grails:grails-coreeq2.4.0.RC1
org.grails:grails-coreeq2.3.1
org.grails:grails-coreeq2.3.6

Name	Operator	Version
org.grails:grails-core	eq	2.0.4
org.grails:grails-core	eq	1.1.2
org.grails:grails-core	eq	3.2.0.RC1
org.grails:grails-core	eq	3.2.11
org.grails:grails-core	eq	2.5.6
org.grails:grails-core	eq	3.2.8
org.grails:grails-core	eq	2.5.1
org.grails:grails-core	eq	2.4.0.RC1
org.grails:grails-core	eq	2.3.1
org.grails:grails-core	eq	2.3.6