Unspecified Vulnerability in Oracle WebLogic Server (CNVD-2020-08167)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collection, etc. WebLogic Server is one of the application server components for cloud and traditional...

Oracle WebLogic Server CVE-2020-6950 Remote Security Vulnerability

Description Oracle WebLogic Server is prone to a remote security vulnerability. The vulnerability can be exploited over the 'HTTP' protocol. The 'Web Container JavaServer Faces' component is affected. This vulnerability affects the following supported versions: 12.2.1.3.0, 12.2.1.4.0 Technologies...

Forcepoint Email Security Detection (HTTP)

HTTP based detection of Forcepoint Email Security. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-17091

faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled...

CVE-2019-17091

faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used in Mojarra for Eclipse EE4J before 2.3.10 and Mojarra JavaServer Faces before 2.2.20, allows Reflected XSS because a client window field is mishandled...

Eclipse Mojarra CVE-2019-17091 Cross Site Scripting Vulnerability

Description Eclipse Mojarra is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may all...

Oracle Mojarra JSF / Eclipse Mojarra JSF 2.2 / 2.3 Cross Site Scripting Vulnerability

Exploit for java platform in category web applications ======================================================================= title: Reflected Cross-Site Scripting XSS product: Oracle Mojarra JSF included in Java EE 7 Eclipse Mojarra JSF vulnerable version: 2.2 & 2.3 fixed version:...

Directory Traversal

JavaServer Faces is vulnerable to directory traversal. A malicious user can access arbitrary files through loc parameters in the function ResourceManager.java:getLocalePrefix...

Eclipse Mojarra Information Disclosure Vulnerability

Eclipse Mojarra is an implementation of the Eclipse Foundation's JavaServer Faces specification JSR-372, which is primarily used to build component-based user interfaces for Web applications. A security vulnerability exists in the 'getLocalePrefix' function of the ResourceManager.java file in...

Oracle Fusion Middleware Oracle WebLogic Server Component Remote Vulnerability (CNVD-2018-13562)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collection, etc. Oracle WebLogic Server is one of the application server components for cloud and traditional...

IBM WebSphere Application Server Information Disclosure Vulnerability (CNVD-2017-35508)

WebSphere Application Server WAS is a software product that performs the role of a web application server, a software framework and middleware for hosting Java-based web applications. An information disclosure vulnerability exists in IBM WebSphere Application Server. The vulnerability arises due ...

CVE-2017-1583

IBM WebSphere Application Server IBM Liberty for Java for Bluemix 3.13could allow a remote attacker to obtain sensitive information caused by improper error handling by MyFaces in JSF...

Directory Traversal

JavaServer Faces is vulnerable to directory traversals. A malicious user can access arbitrary files through a Uniform Resource Identifier or a through the library name...

CVE-2016-3505

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to JavaServer Faces...

CVE-2016-3505

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to JavaServer Faces...

CVE-2016-3505

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to JavaServer Faces...

Unspecified Vulnerability in Oracle Fusion Middleware WebLogic Server Component

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platform for enterprise and cloud environments from Oracle. The platform provides middleware, software collection, etc. Oracle WebLogic Server is one of the application server components for cloud and traditional...

[SECURITY] Fedora 25 Update: mojarra-2.2.13-1.fc25

JvaServerTM Faces technology simplifies building user interfaces for JavaServer applications. Developers of various skill levels can quickly bui ld web applications by: assembling reusable UI components in a page; connecting these components to an application data source; and wiring...

Red Hat JBoss Portal Information Disclosure Vulnerability

Red Hat JBoss Portal is an open source and standards-compliant portal platform from Red Hat Red Hat. The platform can build , layout of a portal Web interface for publishing , managing content and customizing the user experience. A security vulnerability exists in Portlet Bridge for JavaServer...

Oracle WebCenter Portal Multiple Vulnerabilities (July 2015 CPU)

Binary data oraclewebcenterportaljuly2015cpu.nbin...