- Home
- CVEs with nessus.description==The version of GlassFish Server running on the remote host is affected
by multiple vulnerabilities :
- Cross-site scripting (XSS) vulnerabilities exist in its
admin and rest interface. These vulnerabilities permit
JavaScript to be run in the context of GlassFish, which
may result in credentials of authenticated users being
stolen. (CVE-2013-1508, CVE-2013-1515)
- A cross-site request forgery (CSRF) vulnerability exists
in its REST interface. An authenticated user may be
tricked into visiting a web page that leverages this
vulnerability.
- A JSF source exposure vulnerability exists that affects
confidentiality.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top