CVE-2025-1534
- EPSS 0.14%
- Veröffentlicht 01.04.2025 04:15:44
- Zuletzt bearbeitet 14.10.2025 17:25:28
CVE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Payara Platform Payara Server allows : Remote Code Inclusion.This issue affects Payara Server: from 4.1.2.1919.1 before 4.1.2.191.51, from 5...
CVE-2024-8215
- EPSS 0.3%
- Veröffentlicht 08.10.2024 16:15:13
- Zuletzt bearbeitet 16.10.2024 17:58:52
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Payara Platform Payara Server (Admin Console modules) allows Remote Code Inclusion.This issue affects Payara Server: from 5.20.0 before 5.68....
CVE-2024-7312
- EPSS 0.09%
- Veröffentlicht 11.09.2024 16:15:08
- Zuletzt bearbeitet 13.09.2024 16:27:50
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payara Platform Payara Server (REST Management Interface modules) allows Session Hijacking.This issue affects Payara Server: from 6.0.0 before 6.18.0, from 6.2022.1 before 6.2024.9,...
CVE-2023-41699
- EPSS 0.07%
- Veröffentlicht 15.11.2023 20:15:07
- Zuletzt bearbeitet 21.11.2024 08:21:30
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payara Platform Payara Server, Micro and Embedded (Servlet Implementation modules) allows Redirect Access to Libraries.This issue affects Payara Server, Micro and Embedded: from 5.0...
CVE-2022-45129
- EPSS 0.41%
- Veröffentlicht 10.11.2022 06:15:13
- Zuletzt bearbeitet 01.05.2025 14:15:33
Payara before 2022-11-04, when deployed to the root context, allows attackers to visit META-INF and WEB-INF, a different vulnerability than CVE-2022-37422. This affects Payara Platform Community before 4.1.2.191.38, 5.x before 5.2022.4, and 6.x befor...
CVE-2022-37422
- EPSS 0.45%
- Veröffentlicht 18.08.2022 19:15:14
- Zuletzt bearbeitet 21.11.2024 07:14:57
Payara through 5.2022.2 allows directory traversal without authentication. This affects Payara Server, Payara Micro, and Payara Server Embedded.