Maven package
org.apache.deltaspike.modules/jsf-module-project
pkg:maven/org.apache.deltaspike.modules/jsf-module-project
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-17837 | — | < 1.8.1 | 1.8.1 | Jan 4, 2018 | The Apache DeltaSpike-JSF 1.8.0 module has a XSS injection leak in the windowId handling. The default size of the windowId get's cut off after 10 characters (by default), so the impact might be limited. A fix got applied and released in Apache deltaspike-1.8.1. |
- CVE-2017-17837Jan 4, 2018affected < 1.8.1fixed 1.8.1
The Apache DeltaSpike-JSF 1.8.0 module has a XSS injection leak in the windowId handling. The default size of the windowId get's cut off after 10 characters (by default), so the impact might be limited. A fix got applied and released in Apache deltaspike-1.8.1.