In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade RHEL:10 eap8-jsonb-spec to version 0:3.0.1-2.redhat_00002.1.el10eap or higher.
This issue was patched in RHSA-2026:36344.
Note: Versions mentioned in the description apply only to the upstream eap8-jsonb-spec package and not the eap8-jsonb-spec package as distributed by RHEL.
See How to fix? for RHEL:10 relevant fixed versions and status.
A flaw was found in Jastow. Jastow is vulnerable to Cross-Site Scripting (XSS) attack. If using a set of combined configuration to allow unescaped characters in URL with embedded Undertow and Jastow, a server might be vulnerable to improper input handling.