CVE-2012-5920

Currently unrated

Key Information:

Vendor: Google
Status: Web Toolkit
Vendor: CVE Published:; 20 November 2012

Summary

Cross-site scripting (XSS) vulnerability in Google Web Toolkit (GWT) 2.4 through 2.5 Final, as used in JBoss Operations Network (ON) 3.1.1 and possibly other products, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this issue exists because of an incomplete fix for CVE-2012-4563.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/80331

vdb-entryx_refsource_XF

https://developers.google.com/web-toolkit/release-notes#R...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/57538

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Nov 20, 2012
Vulnerability Reserved
Nov 19, 2012

Collectors

NVD DatabaseMitre Database