
33 matches found

RedHat Linux
added 2023/01/30 5:12 p.m., 6 views

jettison: If the value in map is the map's self, the new new JSONObject(map) cause StackOverflowError which may lead to dos

A flaw was found in Jettison, where it is vulnerable to a denial of service caused by a stack-based buffer overflow. By sending a specially-crafted request using the map parameter, a remote attacker can cause a denial of service...

CVSS 7.5, AI score 7.4, EPSS 0.01395
Exploits: 1, References: 4

Veracode
added 2022/12/14 8:43 a.m., 31 views

Denial Of Service (DoS)

org.codehaus.jettison:jettison is vulnerable to Denial Of Service (DoS). A remote attacker is able to cause a stack overflow via injecting a crafted string through the map parameter, resulting in denial of service...

CVSS 7.5, AI score 8.2, EPSS 0.01395
Exploits: 1, References: 5, Affected Software: 5

OSV
added 2022/12/13 3:30 p.m., 3 views

GHSA-GRR4-WV38-F68W Jettison Out-of-bounds Write vulnerability

Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string...

CVSS 7.5, AI score 6.7, EPSS 0.01395
Exploits: 1, References: 5

OSV
added 2022/12/13 3:15 p.m., 1 views

DEBIAN-CVE-2022-45693

Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string...

CVSS 7.5, AI score 6.3, EPSS 0.01395
Exploits: 1, References: 1

OSV
added 2022/12/13 3:15 p.m., 1 views

UBUNTU-CVE-2022-45693

Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string...

CVSS 7.5, AI score 6.8, EPSS 0.01395
Exploits: 1, References: 4

Prion
added 2022/12/13 3:15 p.m., 23 views

Stack overflow

Jettison before v1.5.2 was discovered to contain a stack overflow via the map parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string...

CVSS 5, AI score 8.2, EPSS 0.01395
Exploits: 1, References: 3, Affected Software: 2

CNNVD
added 2022/09/14 12:0 a.m., 2 views

Yellowfin cross-site scripting vulnerability

Yellowfin is a suite of innovative data and analytics products from Yellowfin Australia. A security vulnerability exists in Yellowfin Business Intelligence version 7.3, which stems from a cross-site scripting (XSS) vulnerability found to be contained in the configMap parameter. An attacker could...

CVSS 5.4, AI score 6.1, EPSS 0.00682
Exploits: 1, References: 3

OSV
added 2022/02/19 12:15 a.m., 3 views

CVE-2021-44302

BaiCloud-cms v2.5.7 was discovered to contain multiple SQL injection vulnerabilities via the tongji and baidumap parameters in /user/ztconfig.php...

CVSS 8.8, AI score 7.3, EPSS 0.01073
Exploits: 1, References: 1

OSV
added 2021/08/16 7:15 p.m., 7 views

CVE-2021-34651

The Scribble Maps WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the map parameter in the /includes/admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2...

CVSS 6.1, AI score 5.8, EPSS 0.00895
Exploits: 1, References: 2

Prion
added 2021/08/16 7:15 p.m., 22 views

Cross site scripting

The Scribble Maps WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the map parameter in the /includes/admin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.2...

CVSS 4.3, AI score 6.1, EPSS 0.00895
Exploits: 1, References: 2, Affected Software: 1

OSV
added 2020/07/07 4:15 p.m., 2 views

CVE-2020-15028

NeDi 1.9C is vulnerable to a cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Topology-Map.php xo parameter...

CVSS 5.4, AI score 6.2, EPSS 0.00568
Exploits: 0, References: 2

ATTACKERKB
added 2020/07/07 4:15 p.m., 1 views

CVE-2020-15028

NeDi 1.9C is vulnerable to a cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Topology-Map.php xo parameter...

CVSS 5.4, AI score 5.8, EPSS 0.00568
Exploits: 0, References: 4

NVD
added 2006/09/06 12:4 a.m., 22 views

CVE-2006-4543

Cross-site scripting (XSS) vulnerability in index.php in HLStats 1.34 allows remote attackers to inject arbitrary web script or HTML via the (1) game parameter in players mode, the (2) weapon parameter in weaponinfo mode, the (3) st parameter in search mode, the (4) action parameter in actioninfo mode, and...

CVSS 6.8, AI score 5.6, EPSS 0.01869
Exploits: 1, References: 4