Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Payara Platform Payara Server (Admin Console modules) allows Remote Code Inclusion.This issue affects Payara Server: from 5.20.0 before 5.68.0, from 6.0.0 before 6.19.0, from 6.2022.1 before 6.2024.10, from 4.1.2.191.1 before 4.1.2.191.51.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP GPX Maps 'wp-gpx-maps_admin_tracks.php' Arbitrary File Upload (1.1.22)
WordPress Plugin AccessPress Social Icons Multiple SQL Injection Vulnerabilities (1.6.6)
phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-6606)
WordPress Plugin Captcha by BestWebSoft SQL Injection (4.1.4)
TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2013-4321)