Lucene search
Veracode Vulnerability DatabaseVERACODE:7696HistoryNov 07, 2018 - 10:12 a.m.
Cross-site Scripting (XSS)
2018-11-0710:12:42
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.003 Low
EPSS
Percentile
65.5%
gwt-user is vulnerable to a cross-site scripting (XSS) attack. The library does not sanitize multiple script elements, allowing a malicious user to inject and execute arbitrary Javascript.
| CPE | Name | Operator | Version |
|---|---|---|---|
| gwt-user | le | 2.5.0 | |
| gwt-servlet | le | 2.5.0 |
References
rhn.redhat.com/errata/RHSA-2013-0187.html
www.openwall.com/lists/oss-security/2012/10/31/1
www.securityfocus.com/bid/57538
developers.google.com/web-toolkit/release-notes#Release_Notes_2_4_0
exchange.xforce.ibmcloud.com/vulnerabilities/80331
github.com/gwtproject/gwt/commit/4b1e5710d184205116e0e144b4501feb998e40b6
www.openwall.com/lists/oss-security/2012/10/31/1
Related
cvelist
cvelist
CVE-2012-5920
2012-11-20 00:00:00
ubuntucve
ubuntucve
CVE-2012-4563
2012-11-20 00:00:00
prion
prion
Cross site scripting
2012-11-20 00:55:00
ibm
ibm
nvd
nvd
CVE-2012-5920
2012-11-20 00:55:01
cve
cve
CVE-2012-5920
2012-11-20 00:55:01