Oracle GlassFish Server Multiple XSS and CSRF Vulnerabilities

This host is running Oracle GlassFish Server and is prone to multiple vulnerabilities.
Successful exploitation will allow remote attackers to insert arbitrary HTML and script code, which will be executed in a user's browser session in the context of an affected site. Impact Level: Application
Apply the patch from below link, ***** NOTE: Ignore this warning, if above mentioned patch is manually applied. *****
Multiple flaws are due to - Input passed via multiple parameters to various scripts is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. - The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests.
Oracle GlassFish Server version 3.1.1