Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Glassfish redirect to untrusted site
Vulnerability Description
In Eclipse Glassfish versions before 7.0.17, The Host HTTP parameter could cause the web application to redirect to the specified URL, when the requested endpoint is '/management/domain'. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
CVSS Information
N/A
Vulnerability Type
参数问题
Vulnerability Title
Eclipse GlassFish 输入验证错误漏洞
Vulnerability Description
Eclipse GlassFish是Eclipse基金会的一个开放源码应用服务器。 Eclipse GlassFish 7.0.17之前版本存在输入验证错误漏洞,该漏洞源于当请求的端点为/Management/domain时,Host HTTP参数可能导致Web应用程序重定向到指定的URL。
CVSS Information
N/A
Vulnerability Type
N/A