When adding non-visible components to the UI in server side, content is sent to the browser in Vaadin 10.0.0 up to and including 10.0.22, 11.0.0 up to and including 14.10.0, 15.0.0 up to and including 22.0.28, 23.0.0 up to and including 23.3.12, 24.0.0 up to and including 24.0.5 and 24.1.0.alpha1 to 24.1.0.beta1, resulting in potential information disclosure.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vaadin vaadin 24.1.0 |
||
vaadin vaadin |