Количество 2
Количество 2
CVE-2019-25027
Missing output sanitization in default RouteNotFoundError view in com.vaadin:flow-server versions 1.0.0 through 1.0.10 (Vaadin 10.0.0 through 10.0.13), and 1.1.0 through 1.4.2 (Vaadin 11.0.0 through 13.0.5) allows attacker to execute malicious JavaScript via crafted URL
GHSA-rp4x-wxqv-cf9m
Reflected cross-site scripting in default RouteNotFoundError view in Vaadin 10 and 11-13
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2019-25027 Missing output sanitization in default RouteNotFoundError view in com.vaadin:flow-server versions 1.0.0 through 1.0.10 (Vaadin 10.0.0 through 10.0.13), and 1.1.0 through 1.4.2 (Vaadin 11.0.0 through 13.0.5) allows attacker to execute malicious JavaScript via crafted URL | CVSS3: 6.1 | 0% Низкий | почти 5 лет назад |
| GHSA-rp4x-wxqv-cf9m Reflected cross-site scripting in default RouteNotFoundError view in Vaadin 10 and 11-13 | CVSS3: 6.1 | 0% Низкий | почти 5 лет назад |
Уязвимостей на страницу