Description
JacksonJsonpInterceptor in RESTEasy might allow remote attackers to conduct a cross-site script inclusion (XSSI) attack.
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=1372129
Related Vulnerabilities
CVE-2021-41269 Vulnerability in maven package com.cronutils:cron-utils
CVE-2020-14966 Vulnerability in npm package jsrsasign
CVE-2023-26136 Vulnerability in npm package tough-cookie
CVE-2020-25640 Vulnerability in maven package org.jboss.genericjms:generic-jms-ra-jar
CVE-2017-5635 Vulnerability in maven package org.apache.nifi:nifi-framework-authorization