First published: Wed Nov 15 2023(Updated: )
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payara Platform Payara Server, Micro and Embedded (Servlet Implementation modules) allows Redirect Access to Libraries.This issue affects Payara Server, Micro and Embedded: from 5.0.0 before 5.57.0, from 22.214.171.124 before 126.96.36.199.46, from 6.0.0 before 6.8.0, from 6.2023.1 before 6.2023.11.
|Affected Software||Affected Version||How to fix|
CVE-2023-41699 is a URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payara Platform Payara Server, Micro, and Embedded that allows Redirect Access to Libraries.
The affected software versions are Payara Server, Micro, and Embedded: from 5.0.0 before 5.57.0 and from 188.8.131.52 before 184.108.40.206.
CVE-2023-41699 has a severity value of 6.1, which is considered medium.
To fix CVE-2023-41699, update your Payara Server, Micro, or Embedded software to version 5.57.0 or later (for versions 5.0.0 or earlier) or version 220.127.116.11.46 or later (for versions 18.104.22.168 or earlier).
You can find more information about CVE-2023-41699 in the Payara Platform Release Notes for version 6.8.0 and the Payara Community Release Notes for version 6.2023.11.