Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2013-6430

Опубликовано: 10 янв. 2020
Источник: debian

Описание

The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) line separator or (2) paragraph separator Unicode character or (3) left or (4) right angle bracket.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
libspring-javafixed3.0.6.RELEASE-11package

Связанные уязвимости

ubuntu логотип

CVE-2013-6430

CVSS3: 5.4
ubuntu
почти 6 лет назад

The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) line separator or (2) paragraph separator Unicode character or (3) left or (4) right angle bracket.

redhat логотип

CVE-2013-6430

redhat
почти 12 лет назад

The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) line separator or (2) paragraph separator Unicode character or (3) left or (4) right angle bracket.

nvd логотип

CVE-2013-6430

CVSS3: 5.4
nvd
почти 6 лет назад

The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) line separator or (2) paragraph separator Unicode character or (3) left or (4) right angle bracket.

github логотип

GHSA-xjrf-8x4f-43h4

CVSS3: 5.4
github
больше 3 лет назад

Improper Neutralization of Input During Web Page Generation in Spring Framework