Cross-Site Scripting Flaw in Google Web Toolkit by Google
CVE-2012-4563

Currently unrated

Key Information:

Vendor: Google
Status: Web Toolkit
Vendor: CVE Published:; 20 November 2012

Summary

A cross-site scripting vulnerability exists in Google Web Toolkit (GWT) version 2.4 Beta and earlier release candidates up to 2.4.0. This flaw allows remote attackers to inject arbitrary web scripts or HTML through unspecified vectors, potentially leading to unauthorized actions on behalf of users. It is essential for users of GWT to apply security updates to mitigate risks associated with this vulnerability.

References

http://www.securityfocus.com/bid/56336

vdb-entryx_refsource_BID

https://developers.google.com/web-toolkit/release-notes#R...

x_refsource_CONFIRM

http://www.openwall.com/lists/oss-security/2012/10/31/1

mailing-listx_refsource_MLIST

Timeline

Vulnerability published
Nov 20, 2012
Vulnerability Reserved
Aug 21, 2012