CVE-2013-4204 – com.google.gwt:gwt

Package

Manager: maven
Name: com.google.gwt:gwt
Vulnerable Version: >=0 <2.5.1

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N/E:U/RL:O/RC:C

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00333 pctl0.55485

Details

Improper Neutralization of Input During Web Page Generation in Google Web Toolkit Multiple cross-site scripting (XSS) vulnerabilities in the JUnit files in the GWTTestCase in Google Web Toolkit (GWT) before 2.5.1 RC1 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Metadata

Created: 2022-05-17T01:58:13Z
Modified: 2022-07-08T19:18:52Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-x24q-xwrf-66jm/GHSA-x24q-xwrf-66jm.json
CWE IDs: ["CWE-79"]
Alternative ID: GHSA-x24q-xwrf-66jm
Finding: F008
Auto approve: 1