N/A

A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack.

N/A

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

Red Hat Resteasy 跨站脚本漏洞

Red Hat Resteasy是美国红帽（Red Hat）公司的一款JAX-RS（一种Java编程语言API规范）实现。 Red Hat Resteasy中存在跨站脚本漏洞。该漏洞源于WEB应用缺少对客户端数据的正确验证。攻击者可利用该漏洞执行客户端代码。

N/A

N/A