Maven package
org.apache.sling/org.apache.sling.engine
pkg:maven/org.apache.sling/org.apache.sling.engine
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-45064 | — | < 2.14.0 | 2.14.0 | Apr 13, 2023 | The SlingRequestDispatcher doesn't correctly implement the RequestDispatcher API resulting in a generic type of include-based cross-site scripting issues on the Apache Sling level. The vulnerability is exploitable by an attacker that is able to include a resource with specific co |
- CVE-2022-45064Apr 13, 2023affected < 2.14.0fixed 2.14.0
The SlingRequestDispatcher doesn't correctly implement the RequestDispatcher API resulting in a generic type of include-based cross-site scripting issues on the Apache Sling level. The vulnerability is exploitable by an attacker that is able to include a resource with specific co