Security Advisory

CVE-2024-9329

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-09-30 07:11:53

Last updated 2024-10-07 15:59:12

Assigner eclipse

State PUBLISHED

Description

In Eclipse Glassfish versions before 7.0.17, The Host HTTP parameter could cause the web application to redirect to the specified URL, when the requested endpoint is /management/domain. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.

← Browse all CVEs View on cve.org ↗