org.jboss.hal:hal-console@3.6.13.Final vulnerabilities
latest version
3.7.8.Final
first published
3 years ago
latest version published
1 months ago
licenses detected
- [3.5.0.Final,)
package registry
Direct Vulnerabilities
Known vulnerabilities in the org.jboss.hal:hal-console package. This does not include vulnerabilities belonging to this package’s dependencies.
How to fix?
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for free| Vulnerability | Vulnerable Version |
|---|---|
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) through the input validation process. An attacker can manipulate the output seen by other users by injecting malicious scripts. How to fix Cross-site Scripting (XSS)? Upgrade | [,3.7.6) |
Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to improper neutralization of user-controllable input before it is placed in output that is served as a web page. An attacker can execute arbitrary script in the context of the interface by injecting malicious scripts. Note: This is only exploitable if the attacker is authenticated as a user that belongs to management groups How to fix Cross-site Scripting (XSS)? There is no fixed version for | [0,) |