CVE-2011-0509
Vaadin < 6.4.8 - XSS
Title source: ruleDescription
Cross-site scripting (XSS) vulnerability in Vaadin before 6.4.9 allows remote attackers to inject arbitrary web script or HTML via unknown vectors related to the index page.
References (6)
Scores
EPSS
0.0050
EPSS Percentile
65.8%
Classification
CWE
CWE-79
Status
published
Affected Products (2)
vaadin/vaadin
< 6.4.8
n/a/n/a
Timeline
Published
Jan 20, 2011
Tracked Since
Feb 18, 2026