logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2024-9329

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2024-9329

Description:
In Eclipse Glassfish versions before 7.0.17, The Host HTTP parameter could cause the web application to redirect to the specified URL, when the requested endpoint is '/management/domain'. By modifying the URL value to a malicious site, an attacker may successfully launch a phishing scam and steal user credentials.
Last updated date:
10/07/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
10/07/2024
Reference url to background

https://github.com/eclipse-ee4j/glassfish/pull/25106

Type:
exploit
Confidence:
HIGH
Date of publishing:
10/07/2024
Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy