- Home
- CVEs with nessus.description==The version of GlassFish Server running on the remote host is affected by multiple vulnerabilities :
- Cross-site scripting (XSS) vulnerabilities exist in its admin and rest interface. These vulnerabilities permit JavaScript to be run in the context of GlassFish, which may result in credentials of authenticated users being stolen. (CVE-2013-1508, CVE-2013-1515)
- A cross-site request forgery (CSRF) vulnerability exists in its REST interface. An authenticated user may be tricked into visiting a web page that leverages this vulnerability.
- A JSF source exposure vulnerability exists that affects confidentiality.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top