Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-2cp9-r2rg-qvgg

Опубликовано: 01 апр. 2025
Источник: github
Github: Не прошло ревью
CVSS4: 6.8

Описание

CVE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Payara Platform Payara Server allows : Remote Code Inclusion.This issue affects Payara Server: from 4.1.2.1919.1 before 4.1.2.191.51, from 5.20.0 before 5.68.0, from 6.0.0 before 6.23.0, from 6.2022.1 before 6.2025.2.

CVE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Payara Platform Payara Server allows : Remote Code Inclusion.This issue affects Payara Server: from 4.1.2.1919.1 before 4.1.2.191.51, from 5.20.0 before 5.68.0, from 6.0.0 before 6.23.0, from 6.2022.1 before 6.2025.2.

Ссылки

EPSS

Процентиль: 24%
0.00079
Низкий

6.8 Medium

CVSS4

CVE ID

CVE-2025-1534

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2025-1534

nvd
5 месяцев назад

CVE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Payara Platform Payara Server allows : Remote Code Inclusion.This issue affects Payara Server: from 4.1.2.1919.1 before 4.1.2.191.51, from 5.20.0 before 5.68.0, from 6.0.0 before 6.23.0, from 6.2022.1 before 6.2025.2.

EPSS

Процентиль: 24%
0.00079
Низкий

6.8 Medium

CVSS4

CVE ID

CVE-2025-1534

Дефекты

CWE-79