N/A

A reflected Cross-Site Scripting (XSS) flaw was found in RESTEasy in all versions of RESTEasy up to 4.6.0.Final, where it did not properly handle URL encoding when calling @javax.ws.rs.PathParam without any @Produces MediaType. This flaw allows an attacker to launch a reflected XSS attack. The highest threat from this vulnerability is to data confidentiality and integrity.

N/A

在Web页面生成时对输入的转义处理不恰当(跨站脚本)

Red Hat Resteasy 跨站脚本漏洞

Red Hat Resteasy是美国红帽（Red Hat）公司的一款JAX-RS（一种Java编程语言API规范）实现。 RESTEasy 存在跨站脚本漏洞，该漏洞源于PathParam。

N/A

N/A