CVE-2013-4204

Google Web Toolkit (GWT) includes multiple XSS vulnerabilities in the JUnit files within GWTTestCase, affecting versions prior to 2.5.1 RC1. The root cause is improper handling in the JUnit-related code paths, enabling remote attackers to inject arbitrary web script or HTML via unspecified vector...

CVE-2012-5920

CVE-2012-5920 is an XSS vulnerability in Google Web Toolkit (GWT) 2.4–2.5 Final, used in JBoss Operations Network 3.1.1 and potentially other products. It stems from an incomplete fix for CVE-2012-4563 and allows remote attackers to inject arbitrary script/HTML via unspecified vectors. Red Hat/IB...

CVE-2007-2378

The CVE-2007-2378 issue concerns the Google Web Toolkit (GWT) framework, where JSON data is exchanged without a protection scheme, enabling JavaScript Hijacking. IBM’s bulletin specifies ITNM (IBM Tivoli Network Manager) IP Edition 4.2 GA through 4.2.0.15 is affected, with a fix in ITNM 4.2 Fix P...

CVE-2012-4563

CVE-2012-4563 is an XSS vulnerability in Google Web Toolkit (GWT) 2.4 Beta and release candidates prior to 2.4.0. An attacker could inject arbitrary script/HTML via unspecified vectors. The issue is noted as an incomplete fix in related advisories, and the recommended remediation is to upgrade to...

CVE-2007-6452

CVE-2007-6452 affects Google Web Toolkit (GWT) – specifically the benchmark reporting system. The connected JVN entry states a cross-site scripting (XSS) vulnerability in GWT before version 1.4.61, enabling arbitrary script execution in the user’s browser. No exploit details are provided beyond t...