Описание
Cross-site Scripting in Quarkus
If the Quarkus Form Authentication session cookie Path attribute is set to / then a cross-site attack may be initiated which might lead to the Information Disclosure. This attack can be prevented with the Quarkus CSRF Prevention feature.
Пакеты
io.quarkus:quarkus-vertx-http
< 2.13.7.Final
2.13.7.Final
Связанные уязвимости
If the Quarkus Form Authentication session cookie Path attribute is set to `/` then a cross-site attack may be initiated which might lead to the Information Disclosure. This attack can be prevented with the Quarkus CSRF Prevention feature.
If the Quarkus Form Authentication session cookie Path attribute is set to `/` then a cross-site attack may be initiated which might lead to the Information Disclosure. This attack can be prevented with the Quarkus CSRF Prevention feature.
Уязвимость компонента Form Authentication Java-фреймворка Quarkus, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)