5 matches found
CVE-2019-25028
Missing variable sanitization in Grid component in com.vaadin:vaadin-server versions 7.4.0 through 7.7.19 Vaadin 7.4.0 through 7.7.19, and 8.0.0 through 8.8.4 Vaadin 8.0.0 through 8.8.4 allows attacker to inject malicious JavaScript via unspecified vector...
CVE-2019-25028
Missing variable sanitization in Grid component in com.vaadin:vaadin-server versions 7.4.0 through 7.7.19 Vaadin 7.4.0 through 7.7.19, and 8.0.0 through 8.8.4 Vaadin 8.0.0 through 8.8.4 allows attacker to inject malicious JavaScript via unspecified vector...
CVE-2019-25028 Stored cross-site scripting in Grid component in Vaadin 7 and 8
Missing variable sanitization in Grid component in com.vaadin:vaadin-server versions 7.4.0 through 7.7.19 Vaadin 7.4.0 through 7.7.19, and 8.0.0 through 8.8.4 Vaadin 8.0.0 through 8.8.4 allows attacker to inject malicious JavaScript via unspecified vector...
CVE-2019-25028
CVE-2019-25028 describes a stored cross-site scripting (XSS) vulnerability in Vaadin's Grid component (com.vaadin:vaadin-server). Affected are Vaadin Server versions 7.4.0–7.7.19 and 8.0.0–8.8.4. An attacker could inject malicious JavaScript via an unspecified vector, with potential impact includ...
Stored cross-site scripting in Grid component in Vaadin 7 and 8
Missing variable sanitization in Grid component in com.vaadin:vaadin-server versions 7.4.0 through 7.7.19 Vaadin 7.4.0 through 7.7.19, and 8.0.0 through 8.8.4 Vaadin 8.0.0 through 8.8.4 allows attacker to inject malicious JavaScript via unspecified vector. -...