CVE-2023-25500
Published
CVSS v3
3.5
LOW
CVSS v2
N/A
Affected
1
PROJECT
Description
Possible information disclosure in Vaadin 10.0.0 to 10.0.23, 11.0.0 to 14.10.1, 15.0.0 to 22.0.28, 23.0.0 to 23.3.13, 24.0.0 to 24.0.6, 24.1.0.alpha1 to 24.1.0.rc2, resulting in potential information disclosure of class and method names in RPC responses by sending modified requests.
Vaadin Flow is a Java framework binding Vaadin web components to Java. This is part of Vaadin 10+.
GitHub