Описание
Eclipse GlassFish is vulnerable to Reflected XSS attacks through its Administration Console
In Eclipse GlassFish version 7.0.15, it is possible to perform Reflected Cross-Site Scripting attacks through the Administration Console.
Пакеты
Наименование
org.glassfish.main.admingui:console-common
maven
Затронутые версииВерсия исправления
<= 7.0.25
Отсутствует
Наименование
org.glassfish.main.admingui:console-cluster-plugin
maven
Затронутые версииВерсия исправления
<= 7.0.25
Отсутствует
Связанные уязвимости
CVSS3: 6.1
nvd
7 месяцев назад
In Eclipse GlassFish version 7.0.15 is possible to perform Reflected Cross-site scripting attacks in the Administration Console.