0.001 Low
EPSS
Percentile
48.5%
It was found that in some configurations the JacksonJsonpInterceptor is activated by default in RESTEasy. An attacker could use this flaw to launch a Cross Site Scripting Inclusion attack.
bugzilla.redhat.com/show_bug.cgi?id=1372129