CVE-2024-10031

CVE-2024-10031 describes a Stored Cross-site Scripting (XSS) vulnerability in Eclipse GlassFish 7.0.15 triggered by modifying the underlying OS configuration file. Connected sources consistently report this stored XSS vector affecting GlassFish 7.0.15, with the underlying issue tied to configurat...

CVE-2024-10031

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site Scripting attacks by modifying the configuration file in the underlying operating system...

CVE-2024-10029

In Eclipse GlassFish version 7.0.15 is possible to perform Reflected Cross-site scripting attacks in the Administration Console...

CVE-2024-10029

CVE-2024-10029 affects Eclipse GlassFish 7.0.15, enabling Reflected XSS in the Administration Console. The vulnerability targets the Admin Console UI (org.glassfish.main.admingui:console-cluster-plugin/console-common) and can be exploited via crafted links to execute scripts in a user’s browser. ...

CVE-2024-10029

In Eclipse GlassFish version 7.0.15 is possible to perform Reflected Cross-site scripting attacks in the Administration Console...

CVE-2024-9343

CVE-2024-9343 refers to a Stored XSS vulnerability in Eclipse GlassFish 7.0.15, exposed via the Administration Console. The issue affects the GlassFish admin UI (console-common/admingui) and can allow an attacker to inject scripts that run in a user’s browser when interacting with the console. Te...

CVE-2024-9343

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scripting attacks in the Administration Console...

CVE-2024-9343

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scripting attacks in the Administration Console...

CVE-2024-9342

In Eclipse GlassFish version 7.0.16 or earlier it is possible to perform Login Brute Force attacks as there is no limitation in the number of failed login attempts...

CVE-2024-9342

Affected software: Eclipse GlassFish 7.0.16 and earlier. The issue is unlimited failed login attempts, enabling brute-force login; impact per sources includes potential unauthorized access. CVSS metrics in the initial document show high impact confidentiality, integrity, availability with network...

PT-2025-29719 · Eclipse · Eclipse Glassfish

Name of the Vulnerable Software and Affected Versions: Eclipse GlassFish versions 7.0.16 and earlier Description: Eclipse GlassFish is susceptible to login brute-force attacks due to the absence of restrictions on the number of failed login attempts. Recommendations: Apply a configuration to limi...

Eclipse GlassFish 跨站脚本漏洞

Eclipse GlassFish is an open source application server from the Eclipse Foundation. A cross-site scripting vulnerability exists in Eclipse GlassFish version 7.0.15, which stems from a stored cross-site scripting attack risk in the management console...

PT-2025-29771 · Eclipse · Eclipse Glassfish

Name of the Vulnerable Software and Affected Versions: Eclipse GlassFish versions 6.2.5 and later Description: Eclipse GlassFish is susceptible to a Server Side Request Forgery SSRF attack affecting specific endpoints. SSRF occurs when an attacker can induce the server to make requests to...

PT-2025-29720 · Eclipse · Eclipse Glassfish

Name of the Vulnerable Software and Affected Versions: Eclipse GlassFish version 7.0.15 Description: Eclipse GlassFish version 7.0.15 is susceptible to Stored Cross-site scripting attacks within the Administration Console. Recommendations: At the moment, there is no information about a newer...

Eclipse GlassFish 跨站脚本漏洞

Eclipse GlassFish is an open source application server from the Eclipse Foundation. A cross-site scripting vulnerability exists in Eclipse GlassFish version 7.0.15, which stems from a stored cross-site scripting attack risk in the management console...

Eclipse GlassFish 代码问题漏洞

Eclipse GlassFish is an open source application server from the Eclipse Foundation. A code issue vulnerability exists in Eclipse GlassFish versions 6.2.5 and later, which stems from the risk of a server-side request forgery attack on specific endpoints...

PT-2025-29768 · Eclipse · Eclipse Glassfish

Name of the Vulnerable Software and Affected Versions: Eclipse GlassFish version 7.0.15 Description: Eclipse GlassFish version 7.0.15 is susceptible to Reflected Cross-site scripting attacks within the Administration Console. Recommendations: At the moment, there is no information about a newer...

Eclipse GlassFish 安全漏洞

Eclipse GlassFish is an open source application server from the Eclipse Foundation. A security vulnerability exists in Eclipse GlassFish 7.0.16 and earlier versions, which stems from an unlimited number of login attempts and could lead to a brute force attack...

Eclipse GlassFish 跨站脚本漏洞

Eclipse GlassFish is an open source application server from the Eclipse Foundation. A cross-site scripting vulnerability exists in Eclipse GlassFish version 7.0.15, which stems from a risk of a reflective cross-site scripting attack in the management console...

PT-2025-29770 · Eclipse · Eclipse Glassfish

Name of the Vulnerable Software and Affected Versions: Eclipse GlassFish version 7.0.15 Description: Eclipse GlassFish version 7.0.15 is susceptible to Stored Cross-site scripting attacks within the Administration Console. Recommendations: At the moment, there is no information about a newer...