A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2021-05-27T18:45:41

Updated: 2024-08-04T11:06:11.147Z

Reserved: 2020-03-20T00:00:00

Link: CVE-2020-10688

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2021-05-27T19:15:07.643

Modified: 2024-11-21T04:55:51.450

Link: CVE-2020-10688

cve-icon Redhat

Severity : Moderate

Publid Date: 2020-02-18T00:00:00Z

Links: CVE-2020-10688 - Bugzilla