Description
Jooby before 1.6.4 has XSS via the default error handler.
Remediation
References
https://github.com/jooby-project/jooby/pull/1368
Related Vulnerabilities
CVE-2018-16487 Vulnerability in maven package org.webjars.bowergithub.lodash:lodash
CVE-2020-8268 Vulnerability in npm package json8-merge-patch
CVE-2022-45207 Vulnerability in maven package org.jeecgframework.boot:jeecg-module-system
CVE-2019-9154 Vulnerability in maven package org.webjars.npm:openpgp
CVE-2020-36282 Vulnerability in maven package com.rabbitmq.jms:rabbitmq-jms