Description

Cross-site scripting (XSS) vulnerability in Google Web Toolkit (GWT) 2.4 Beta and release candidates before 2.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

http://www.openwall.com/lists/oss-security/2012/10/31/1

http://www.securityfocus.com/bid/56336

https://developers.google.com/web-toolkit/release-notes#Release_Notes_2_4_0

Related Vulnerabilities

CVE-2023-25571 Vulnerability in npm package @backstage/plugin-catalog-backend

CVE-2020-15500 Vulnerability in npm package tileserver-gl

CVE-2015-6748 Vulnerability in maven package org.jsoup:jsoup

CVE-2022-34198 Vulnerability in maven package org.jenkins-ci.plugins:stashbranchparameter

CVE-2023-45280 Vulnerability in maven package org.yamcs:yamcs-core

Severity

Critical

Classification

CWE-79