PT-2020-4194 · Fasterxml +4 · Jackson-Databind +4

Name of the Vulnerable Software and Affected Versions: FasterXML jackson-databind versions 2.x before 2.9.10.5 Description: The issue is related to the deserialization mechanism in the Jackson-databind library. It can be exploited by a remote attacker to execute arbitrary code. The vulnerability ...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Glassfish webadmin interface in Sun Java System Application Server 9.101 allow remote attackers to inject arbitrary web script or HTML via the 1 propertyForm:propertyContentPage:propertySheet:propertSectionTextField:jndiProp:JndiNew, 2...