cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2019-12416,https://securityvulnerability.io/vulnerability/CVE-2019-12416,,we got reports for 2 injection attacks against the DeltaSpike windowhandler.js. This is only active if a developer selected the ClientSideWindowStrategy which is not the default.,Apache,Apache Deltaspike,6.1,MEDIUM,0.003530000103637576,false,,false,false,false,,,false,false,,2020-03-19T14:48:52.000Z,0
CVE-2017-17837,https://securityvulnerability.io/vulnerability/CVE-2017-17837,,"The Apache DeltaSpike-JSF 1.8.0 module has a XSS injection leak in the windowId handling. The default size of the windowId get's cut off after 10 characters (by default), so the impact might be limited. A fix got applied and released in Apache deltaspike-1.8.1.",Apache,Apache Deltaspike,6.1,MEDIUM,0.0071299998089671135,false,,false,false,false,,,false,false,,2018-01-04T00:00:00.000Z,0