5 matches found
com.erudika:para-cache-hazelcast (>=1.26.0 <=1.40.1), com.erudika:para-client (>=1.13 <=1.45.10) +9 more potentially affected by CVE-2022-1848 via com.erudika:para-core (>=1.13 <=1.45.9)
com.erudika:para-core MAVEN version =1.13, =1.26.0, =1.13, =1.20.0, =1.18.0, =1.28.1, =1.30.0, =1.25.0, =1.29.0, =1.28.0, =1.13, =1.24.4, =1.45.10 Source cves: CVE-2022-1848 Source advisory: OSV:GHSA-4793-8WWH-JXXR...
Cross-site Scripting (XSS)
para-core is vulnerable to cross-site scripting. The vulnerability exists because the compileMustache function of Utils.java does not properly escape HTML when compiling Mustache templates, allowing an attacker to inject and execute malicious JavaScript...
GHSA-PHVW-R25P-8XV7 Cross-site Scripting in com.erudika:para-core
Cross-site Scripting XSS - Generic in GitHub repository erudika/para prior to v1.45.11...
Cross-site Scripting in com.erudika:para-core
Cross-site Scripting XSS - Generic in GitHub repository erudika/para prior to v1.45.11...
com.erudika:para-cache-hazelcast (>=1.26.0 <=1.39.0), com.erudika:para-client (>=1.13 <=1.45.10) +9 more potentially affected by CVE-2022-1782 via com.erudika:para-core (>=1.13 <=1.45.10)
com.erudika:para-core MAVEN version =1.13, =1.26.0, =1.13, =1.20.0, =1.18.0, =1.28.1, =1.30.0, =1.25.0, =1.29.0, =1.28.0, =1.13, =1.24.4, =1.45.10 Source cves: CVE-2022-1782 Source advisory: OSV:GHSA-PHVW-R25P-8XV7...