1 results (0.004 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Cross-site scripting (XSS) vulnerability in Vaadin before 6.4.9 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to the index page. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en Vaadin anterior a v6.4.9, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores desconocidos relacionados con la página index. • http://dev.vaadin.com/ticket/6257 http://osvdb.org/70398 http://secunia.com/advisories/42879 http://vaadin.com/download/release/6.4/6.4.9/release-notes.html http://www.securityfocus.com/bid/45779 https://exchange.xforce.ibmcloud.com/vulnerabilities/64626 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •