JacksonJsonpInterceptor in RESTEasy might allow remote attackers to conduct a cross-site script inclusion (XSSI) attack. References https://nvd.nist.gov/vuln/detail/CVE-2016-6348 https://bugzilla.redhat.com/show_bug.cgi?id=1372129 https://github.com/advisories/GHSA-9xfc-j5mf-9w5p