CVE-2016-6521
- EPSS 0.29%
- Veröffentlicht 23.01.2017 21:59:02
- Zuletzt bearbeitet 20.04.2025 01:37:25
Cross-site request forgery (CSRF) vulnerability in Grails console (aka Grails Debug Console and Grails Web Console) 2.0.7, 1.5.10, and earlier allows remote attackers to hijack the authentication of users for requests that execute arbitrary Groovy co...
- EPSS 0.69%
- Veröffentlicht 15.04.2014 23:55:08
- Zuletzt bearbeitet 12.04.2025 10:46:40
The default configuration of the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 before 2.3.6 does not properly restrict access to files in the WEB-INF directory, which allows remote attackers to obtain sensitive information via a direct...
- EPSS 0.28%
- Veröffentlicht 15.04.2014 23:55:08
- Zuletzt bearbeitet 12.04.2025 10:46:40
The default configuration of the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 through 2.3.6 does not properly restrict access to files in the META-INF directory, which allows remote attackers to obtain sensitive information via a dire...
- EPSS 0.24%
- Veröffentlicht 15.04.2014 23:55:08
- Zuletzt bearbeitet 12.04.2025 10:46:40
Directory traversal vulnerability in the Resources plugin 1.0.0 before 1.2.6 for Pivotal Grails 2.0.0 through 2.3.6 allows remote attackers to obtain sensitive information via unspecified vectors related to a "configured block." NOTE: this issue was ...