Vulnerability CVE-2023-25500
Published: 2023-06-22

Description:
Possible information disclosure in Vaadin 10.0.0 to 10.0.23, 11.0.0 to 14.10.1, 15.0.0 to 22.0.28, 23.0.0 to 23.3.13, 24.0.0 to 24.0.6, 24.1.0.alpha1 to 24.1.0.rc2, resulting in a potential information disclosure of class and method names in RPC responses by sending modified requests.

 References:
https://github.com/vaadin/flow/pull/16935
Copyright 2026, cxsecurity.com

 

Back to Top