- Description
- URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payara Platform Payara Server, Micro and Embedded (Servlet Implementation modules) allows Redirect Access to Libraries.This issue affects Payara Server, Micro and Embedded: from 5.0.0 before 5.57.0, from 4.1.2.191 before 4.1.2.191.46, from 6.0.0 before 6.8.0, from 6.2023.1 before 6.2023.11.
- Source
- 769c9ae7-73c3-4e47-ae19-903170fc3eb8
- NVD status
- Modified
CVSS 3.1
- Type
- Primary
- Base score
- 6.1
- Impact score
- 2.7
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:payara:payara:*:*:*:*:community:*:*:*",
"vulnerable": true,
"matchCriteriaId": "ADFB7392-9992-4248-BDAB-2320A4C59274",
"versionEndExcluding": "4.1.2.191.46",
"versionStartIncluding": "4.1.2.191"
},
{
"criteria": "cpe:2.3:a:payara:payara:*:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A4D9499F-D000-47D3-93ED-853F62375552",
"versionEndExcluding": "5.57.0",
"versionStartIncluding": "5.0.0"
},
{
"criteria": "cpe:2.3:a:payara:payara:*:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0DAE4FFA-8969-4B46-8D23-D3B513FFE294",
"versionEndExcluding": "6.8.0",
"versionStartIncluding": "6.0.0"
},
{
"criteria": "cpe:2.3:a:payara:payara:*:*:*:*:community:*:*:*",
"vulnerable": true,
"matchCriteriaId": "58FBC93E-5A50-436A-98D9-11F4D12AEB4B",
"versionEndExcluding": "6.2023.11",
"versionStartIncluding": "6.2023.1"
}
],
"operator": "OR"
}
]
}
]