Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-41699

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payara Platform Payara Server, Micro and Embedded (Servlet Implementation modules) allows Redirect Access to Libraries.This issue affects Payara Server, Micro and Embedded: from 5.0.0 before 5.57.0, from 4.1.2.191 before 4.1.2.191.46, from 6.0.0 before 6.8.0, from 6.2023.1 before 6.2023.11.

Published

2023-11-15T20:15:07.580

Last Modified

2024-11-21T08:21:30.130

Status

Modified

Source

769c9ae7-73c3-4e47-ae19-903170fc3eb8

Severity

CVSSv3.1: 6.1 (MEDIUM)

Weaknesses

Type: Secondary
CWE-601
Type: Primary
CWE-601

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	payara	payara	< 4.1.2.191.46	Yes
Application	payara	payara	< 5.57.0	Yes
Application	payara	payara	< 6.8.0	Yes
Application	payara	payara	< 6.2023.11	Yes

References

https://docs.payara.fish/community/docs/Release%20Notes/Release%20Notes%206.2023.11.html Release Notes (769c9ae7-73c3-4e47-ae19-903170fc3eb8)
https://docs.payara.fish/enterprise/docs/Release%20Notes/Release%20Notes%206.8.0.html Release Notes (769c9ae7-73c3-4e47-ae19-903170fc3eb8)
https://docs.payara.fish/community/docs/Release%20Notes/Release%20Notes%206.2023.11.html Release Notes (af854a3a-2127-422b-91ae-364da2661108)
https://docs.payara.fish/enterprise/docs/Release%20Notes/Release%20Notes%206.8.0.html Release Notes (af854a3a-2127-422b-91ae-364da2661108)