CVE-2012-4563

CWE-79 — Cross-site Scripting (XSS)6 documents5 sources

Severity

4.3MEDIUM

EPSS

0.2%

top 53.48%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google WEB Toolkit

Timeline

PublishedNov 20

Latest updateMay 17

Description

Cross-site scripting (XSS) vulnerability in Google Web Toolkit (GWT) 2.4 Beta and release candidates before 2.4.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

▶NVDgoogle/web_toolkit2.4

🔴Vulnerability Details

GHSA

GHSA-gx2r-f8cq-fm9m: Cross-site scripting (XSS) vulnerability in Google Web Toolkit (GWT) 2↗2022-05-17

▶

CVEList

CVE-2012-4563: Cross-site scripting (XSS) vulnerability in Google Web Toolkit (GWT) 2↗2012-11-20

▶

📋Vendor Advisories

Red Hat

GWT: unknown XSS flaw↗2012-10-26

▶

Red Hat

GWT: unknown XSS flaw↗2012-10-26

▶

💬Community

Bugzilla

CVE-2012-4563 GWT: unknown XSS flaw↗2012-12-13

▶