SynopsisThe remote web server is affected by multiple vulnerabilities.
DescriptionThe version of GlassFish Server running on the remote host is affected by multiple vulnerabilities :
- A cross-site request forgery (CSRF) vulnerability in its REST interface. An authenticated user can be tricked into visiting a web page that leverages this vulnerability to upload an arbitrary WAR file to the GlassFish server, which is then executed with GlassFish's credentials. (CVE-2012-0550)
SolutionUpgrade to GlassFish Server 126.96.36.199 or later.