Unknown · Deltaspike · CVE-2019-12416
Name of the Vulnerable Software and Affected Versions:
DeltaSpike (affected versions not specified)
Description:
There have been reports of injection attacks against the DeltaSpike windowhandler.js. This issue is only relevant if a developer has selected the ClientSideWindowStrategy, which is not the default configuration.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.