VulnerableCode Package Details - pkg:maven/com.sun.faces/jsf-impl@2.1.19

Search for packages

Vulnerability	Summary	Fixed by
VCID-s1tt-jj2t-5yc9 Aliases: CVE-2013-5855 GHSA-3m3r-82gc-53mj	XSS due to insufficient escaping of user-supplied content in outputText tags and EL expressions This package does not perform appropriate encoding when a `<h:outputText>` tag or EL expression is used after a scriptor style block, which allows remote attackers to conduct cross-site scripting (XSS) attacks via application-specific vectors.	2.2.6 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-s1tt-jj2t-5yc9
Aliases:
CVE-2013-5855
GHSA-3m3r-82gc-53mj

XSS due to insufficient escaping of user-supplied content in outputText tags and EL expressions This package does not perform appropriate encoding when a `<h:outputText>` tag or EL expression is used after a scriptor style block, which allows remote attackers to conduct cross-site scripting (XSS) attacks via application-specific vectors.

2.2.6
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-mgny-35f9-1qg4	XML External Entity (XXE) injection This package allows remote attackers to affect confidentiality via unknown vectors related to Java Server Faces or Web Container.	CVE-2013-3827 GHSA-q388-j7cw-ff7w

Vulnerability

Summary

Aliases

VCID-mgny-35f9-1qg4

XML External Entity (XXE) injection This package allows remote attackers to affect confidentiality via unknown vectors related to Java Server Faces or Web Container.

CVE-2013-3827
GHSA-q388-j7cw-ff7w

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T20:31:44.733829+00:00	GitLab Importer	Affected by	VCID-s1tt-jj2t-5yc9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sun.faces/jsf-impl/CVE-2013-5855.yml	38.4.0
2026-04-16T20:30:55.299995+00:00	GitLab Importer	Fixing	VCID-mgny-35f9-1qg4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sun.faces/jsf-impl/CVE-2013-3827.yml	38.4.0
2026-04-11T21:42:06.600289+00:00	GitLab Importer	Affected by	VCID-s1tt-jj2t-5yc9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sun.faces/jsf-impl/CVE-2013-5855.yml	38.3.0
2026-04-11T21:41:18.994332+00:00	GitLab Importer	Fixing	VCID-mgny-35f9-1qg4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sun.faces/jsf-impl/CVE-2013-3827.yml	38.3.0
2026-04-02T21:56:16.865701+00:00	GitLab Importer	Affected by	VCID-s1tt-jj2t-5yc9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sun.faces/jsf-impl/CVE-2013-5855.yml	38.1.0
2026-04-02T21:55:29.713495+00:00	GitLab Importer	Fixing	VCID-mgny-35f9-1qg4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sun.faces/jsf-impl/CVE-2013-3827.yml	38.1.0
2026-04-01T16:13:26.143637+00:00	GitLab Importer	Affected by	VCID-s1tt-jj2t-5yc9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sun.faces/jsf-impl/CVE-2013-5855.yml	38.0.0
2026-04-01T12:46:50.550744+00:00	GitLab Importer	Fixing	VCID-mgny-35f9-1qg4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/maven/com.sun.faces/jsf-impl/CVE-2013-3827.yml	38.0.0