Lucene search

K
GopivotalGrails

4 matches found

CVE
CVE
added 2014/04/15 11:55 p.m.51 views

CVE-2014-0053

The default configuration of the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 before 2.3.6 does not properly restrict access to files in the WEB-INF directory, which allows remote attackers to obtain sensitive information via a direct request. NOTE: this identifier has been SPLIT du...

5CVSS6.1AI score0.0069EPSS
CVE
CVE
added 2014/04/15 11:55 p.m.50 views

CVE-2014-2857

The default configuration of the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 through 2.3.6 does not properly restrict access to files in the META-INF directory, which allows remote attackers to obtain sensitive information via a direct request. NOTE: this issue was SPLIT from CVE-2...

5CVSS6AI score0.0069EPSS
CVE
CVE
added 2014/04/15 11:55 p.m.43 views

CVE-2014-2858

Directory traversal vulnerability in the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 through 2.3.6 allows remote attackers to obtain sensitive information via unspecified vectors related to a "configured block." NOTE: this issue was SPLIT from CVE-2014-0053 per ADT2 due to differen...

5CVSS6AI score0.0069EPSS
CVE
CVE
added 2017/01/23 9:59 p.m.26 views

CVE-2016-6521

Cross-site request forgery (CSRF) vulnerability in Grails console (aka Grails Debug Console and Grails Web Console) 2.0.7, 1.5.10, and earlier allows remote attackers to hijack the authentication of users for requests that execute arbitrary Groovy code via unspecified vectors.

8.8CVSS9.1AI score0.00286EPSS