Lucene search
K

5 matches found

NVD
NVD
added 2021/04/23 4:15 p.m.42 views

CVE-2019-25028

Missing variable sanitization in Grid component in com.vaadin:vaadin-server versions 7.4.0 through 7.7.19 Vaadin 7.4.0 through 7.7.19, and 8.0.0 through 8.8.4 Vaadin 8.0.0 through 8.8.4 allows attacker to inject malicious JavaScript via unspecified vector...

6.1CVSS0.00923EPSS
Exploits0References3
OSV
OSV
added 2021/04/23 4:15 p.m.30 views

CVE-2019-25028

Missing variable sanitization in Grid component in com.vaadin:vaadin-server versions 7.4.0 through 7.7.19 Vaadin 7.4.0 through 7.7.19, and 8.0.0 through 8.8.4 Vaadin 8.0.0 through 8.8.4 allows attacker to inject malicious JavaScript via unspecified vector...

6.1CVSS6.6AI score0.00923EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/04/23 4:5 p.m.43 views

CVE-2019-25028 Stored cross-site scripting in Grid component in Vaadin 7 and 8

Missing variable sanitization in Grid component in com.vaadin:vaadin-server versions 7.4.0 through 7.7.19 Vaadin 7.4.0 through 7.7.19, and 8.0.0 through 8.8.4 Vaadin 8.0.0 through 8.8.4 allows attacker to inject malicious JavaScript via unspecified vector...

5.4CVSS6.3AI score0.00923EPSS
Exploits0References3
CVE
CVE
added 2021/04/23 4:5 p.m.149 views

CVE-2019-25028

CVE-2019-25028 describes a stored cross-site scripting (XSS) vulnerability in Vaadin's Grid component (com.vaadin:vaadin-server). Affected are Vaadin Server versions 7.4.0–7.7.19 and 8.0.0–8.8.4. An attacker could inject malicious JavaScript via an unspecified vector, with potential impact includ...

6.1CVSS5.7AI score0.00923EPSS
Exploits0References3Affected Software1
Github Security Blog
Github Security Blog
added 2021/04/19 2:49 p.m.69 views

Stored cross-site scripting in Grid component in Vaadin 7 and 8

Missing variable sanitization in Grid component in com.vaadin:vaadin-server versions 7.4.0 through 7.7.19 Vaadin 7.4.0 through 7.7.19, and 8.0.0 through 8.8.4 Vaadin 8.0.0 through 8.8.4 allows attacker to inject malicious JavaScript via unspecified vector. -...

6.1CVSS3AI score0.00923EPSS
Exploits0References6Affected Software2
Rows per page
Query Builder