Skip to content

No more used JSONP vulnerabilities

Low
sbrunner published GHSA-w534-q4xf-h5v2 Jul 6, 2020

Package

maven org.mapfish.print.print-lib,org.mapfish.print.print-servlet,org.mapfish.print.print-standalone (Maven)

Affected versions

< 3.24

Patched versions

3.24

Description

Impact

A user can use the JSONP support to do a Cross-site scripting.

Patches

Use version >= 3.24

Workarounds

No

References

For more information

If you have any questions or comments about this advisory Comment the pull request: #1397

Severity

Low

CVE ID

CVE-2020-15231

Weaknesses

No CWEs