Skip to content

Commit 317cd1a

Browse files
advisory-database[bot]advisory-database[bot]
committed
Publish Advisories
GHSA-62g9-99m7-w8wv GHSA-62g9-99m7-w8wv
1 parent 935f5c6 commit 317cd1a

File tree

2 files changed

+65
-40
lines changed

2 files changed

+65
-40
lines changed

advisories/github-reviewed/2025/07/GHSA-62g9-99m7-w8wv/GHSA-62g9-99m7-w8wv.json

Lines changed: 65 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,65 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-62g9-99m7-w8wv",
4+
"modified": "2025-07-18T15:34:49Z",
5+
"published": "2025-07-16T12:30:22Z",
6+
"aliases": [
7+
"CVE-2024-10032"
8+
],
9+
"summary": "Eclipse GlassFish is vulnerable to Stored XSS attacks through its Administration Console",
10+
"details": "In Eclipse GlassFish version 7.0.15, it is possible to perform Stored Cross-Site Scripting attacks through the Administration Console.",
11+
"severity": [
12+
{
13+
"type": "CVSS_V4",
14+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:L/VI:L/VA:N/SC:H/SI:L/SA:N"
15+
}
16+
],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "Maven",
21+
"name": "org.glassfish.main.admingui:console-cluster-plugin"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "0"
29+
},
30+
{
31+
"last_affected": "7.0.25"
32+
}
33+
]
34+
}
35+
]
36+
}
37+
],
38+
"references": [
39+
{
40+
"type": "ADVISORY",
41+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10032"
42+
},
43+
{
44+
"type": "PACKAGE",
45+
"url": "https://github.com/eclipse-ee4j/glassfish"
46+
},
47+
{
48+
"type": "WEB",
49+
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/42"
50+
},
51+
{
52+
"type": "WEB",
53+
"url": "https://gitlab.eclipse.org/security/vulnerability-reports/-/issues/228"
54+
}
55+
],
56+
"database_specific": {
57+
"cwe_ids": [
58+
"CWE-79"
59+
],
60+
"severity": "MODERATE",
61+
"github_reviewed": true,
62+
"github_reviewed_at": "2025-07-18T15:34:49Z",
63+
"nvd_published_at": "2025-07-16T11:15:23Z"
64+
}
65+
}

advisories/unreviewed/2025/07/GHSA-62g9-99m7-w8wv/GHSA-62g9-99m7-w8wv.json

Lines changed: 0 additions & 40 deletions
This file was deleted.

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy