redhat resteasy CVE-2020-10688 in Red Hat and Canonical Products
Published on May 27, 2021

product logo product logo
A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs. An attacker could use this flaw to launch a reflected XSS attack.

NVD

Weakness Type

What is a XSS Vulnerability?

The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

CVE-2020-10688 has been classified to as a XSS vulnerability or weakness.


Products Associated with CVE-2020-10688

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2020-10688 are published in these products:

Red Hat Resteasy
 
Red Hat Jboss Enterprise Application Platform
 
Red Hat Openshift Application Runtimes
 
Red Hat Fuse
 
Canonical Ubuntu Linux
 

Exploit Probability

EPSS
0.22%
Percentile
44.57%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.