CVE-2021-3314
CVE-2021-3314 affects Oracle GlassFish Server 3.1.2.18 and earlier. The vulnerability is a reflected XSS in the /common/logViewer/logViewer.jsf page, where an attacker can craft a URL that causes an administrator’s input to be reflected and executed by the browser. Root cause is improper handling...