Количество 2
Количество 2
CVE-2019-10770
All versions of io.ratpack:ratpack-core from 0.9.10 inclusive and before 1.7.6 are vulnerable to Cross-site Scripting (XSS). This affects the development mode error handler when an exception message contains untrusted data. Note the production mode error handler is not vulnerable - so for this to be utilized in production it would require users to not disable development mode.
GHSA-r2wf-q3x4-hrv9
Default development error handler in Ratpack is vulnerable to HTML content injection (XSS)
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-10770 All versions of io.ratpack:ratpack-core from 0.9.10 inclusive and before 1.7.6 are vulnerable to Cross-site Scripting (XSS). This affects the development mode error handler when an exception message contains untrusted data. Note the production mode error handler is not vulnerable - so for this to be utilized in production it would require users to not disable development mode. | CVSS3: 6.1 | 0% Низкий | около 6 лет назад |
| GHSA-r2wf-q3x4-hrv9 Default development error handler in Ratpack is vulnerable to HTML content injection (XSS) | CVSS3: 6.1 | 0% Низкий | около 6 лет назад |
Уязвимостей на страницу