CVE-2024-7312 | HackTesting

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payara Platform Payara Server (REST Management Interface modules) allows Session Hijacking.This issue affects Payara Server: from 6.0.0 before 6.18.0, from 6.2022.1 before 6.2024.9, from 5.2020.2 before 5.2022.5, from 5.20.0 before 5.67.0, from 4.1.2.191.0 before 4.1.2.191.50.

Credits

Marco Ventura

Claudia Bartolini

Andrea Carlo Maria Dattola

Debora Esposito

Massimiliano Brolli

References

https://docs.payara.fish/enterprise/docs/5.67.0/Release%20Notes/Release%20Notes%205.67.0.html

https://docs.payara.fish/enterprise/docs/Release%20Notes/Release%20Notes%206.18.0.html