Maven package
org.eclipse.ditto/ditto
pkg:maven/org.eclipse.ditto/ditto
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-5165 | — | >= 3.0.0, < 3.4.5 | 3.4.5 | May 23, 2024 | In Eclipse Ditto versions 3.0.0 to 3.5.5, the user input of several input fields of the Eclipse Ditto Explorer User Interface https://eclipse.dev/ditto/user-interface.html was not properly neutralized and thus vulnerable to both Reflected and Stored XSS (Cross Site Scripting). |
- CVE-2024-5165May 23, 2024affected >= 3.0.0, < 3.4.5fixed 3.4.5
In Eclipse Ditto versions 3.0.0 to 3.5.5, the user input of several input fields of the Eclipse Ditto Explorer User Interface https://eclipse.dev/ditto/user-interface.html was not properly neutralized and thus vulnerable to both Reflected and Stored XSS (Cross Site Scripting).