I am currently working on some security incidents reported in an application that uses GWT, in its version 2.5.0 according to the report for this version there are security vulnerabilities related to XSS, I was reading a little the real notes of the versions above this one for example 2.5.1 indicates that this vulnerability was fixed, But on investigation it seems that this is not the case, according to the attached references this novelty still persists.
Continue reading the actual notes of later versions, but it's not clear if any security patches were worked on in new versions. Reading the forum, I notice that in version 2.8.1 a vulnerability related to XSS was also identified again. My question is which version then I could use that currently has these vulnerabilities fixed. Very thanks for your help. References https://www.openwall.com/lists/oss-security/2013/08/05/3 https://www.openwall.com/lists/oss-security/2013/08/05/1 https://groups.google.com/g/google-web-toolkit/c/Tx29wSZ8SZQ -- You received this message because you are subscribed to the Google Groups "GWT Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to google-web-toolkit+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/google-web-toolkit/c404b5ad-42f5-4044-ae0e-6f0e96aa3270n%40googlegroups.com.
