Glassfish Security Vulnerabilities and Issues — Glassfish CVE List

Lucene search

EclipseGlassfish

5 matches found

CVE•added 2024/09/11 2:15 p.m.•49 views

CVE-2024-8646

In Eclipse Glassfish versions prior to 7.0.10, a URL redirection vulnerability to untrusted sites existed.This vulnerability is caused by the vulnerability (CVE-2023-41080) in the Apache code included in GlassFish.This vulnerability only affects applications that are explicitly deployed to the root...

6.1CVSS6.6AI score0.11116EPSS

CVE•added 2024/09/30 8:15 a.m.•36 views

CVE-2024-9329

In Eclipse Glassfish versions before 7.0.17, The Host HTTP parameter could cause the web application to redirect to the specified URL, when the requested endpoint is '/management/domain'. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal u...

6.9CVSS6.2AI score0.00038EPSS

CVE•added 2025/07/16 11:15 a.m.•7 views

CVE-2024-10032

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scriptingattacks in the Administration Console.

6.1CVSS6.4AI score0.00025EPSS

CVE•added 2025/07/16 11:15 a.m.•6 views

CVE-2024-10029

In Eclipse GlassFish version 7.0.15 is possible to perform Reflected Cross-site scriptingattacks in the Administration Console.

6.1CVSS6.6AI score0.00027EPSS

CVE•added 2025/07/16 11:15 a.m.•6 views

CVE-2024-9343

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scriptingattacks in the Administration Console.

6.1CVSS6.4AI score0.00027EPSS