📦 Glassfish

This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in Eclipse GlassFish application server. Attackers can exploit specific endpoints to make the server send unauthorized requests to...

CVE-2024-9342 allows attackers to perform unlimited brute-force login attempts against Eclipse GlassFish servers, potentially compromising administrator or user accounts. This affects all deployments ...

This stored cross-site scripting (XSS) vulnerability in Eclipse GlassFish 7.0.15 allows attackers to inject malicious scripts into the administration console. When administrators view compromised page...

This vulnerability allows attackers to perform reflected cross-site scripting (XSS) attacks in the Eclipse GlassFish Administration Console. Attackers can inject malicious scripts that execute in vict...

This vulnerability in Eclipse Glassfish allows attackers to redirect users to malicious websites via manipulated HTTP Host parameters when accessing the '/management/domain' endpoint. This enables phi...