Lucene search
GoogleOSV:GHSA-VCFC-9WCP-J623HistoryMay 24, 2022 - 10:00 p.m.
Cross site scripting attack in ServiceStack Framework
2022-05-2422:00:16
Google
osv.dev
10
servicestack
cross site scripting
javascript
get request
browser encoding
fixed version 5.2.0
security issue
EPSS
0.001
Percentile
31.7%
ServiceStack ServiceStack Framework 4.5.14 is affected by: Cross Site Scripting (XSS). The impact is: JavaScrpit is reflected in the server response, hence executed by the browser. The component is: the query used in the GET request is prone. The attack vector is: Since there is no server-side validation and If Browser encoding is bypassed, the victim is affected when opening a crafted URL. The fixed version is: 5.2.0.
Related
veracode
veracode
Cross-Site Scripting (XSS)
2021-07-13 06:57:05
cve
cve
CVE-2019-1010199
2019-07-23 18:15:14
osv
osv
CVE-2019-1010199
2019-07-23 18:15:14
nvd
nvd
CVE-2019-1010199
2019-07-23 18:15:14
cvelist
cvelist
CVE-2019-1010199
2019-07-23 17:17:14
github
github
Cross site scripting attack in ServiceStack Framework
2022-05-24 22:00:16
prion
prion
Cross site scripting
2019-07-23 18:15:00