← Retour aux CVEs
CVE-2025-14340
N/ADescription
Cross-site scripting in REST Management Interface in Payara Server <4.1.2.191.54, <5.83.0, <6.34.0, <7.2026.1 allows an attacker to mislead the administrator to change the admin password via URL Payload.
Details CVE
Score CVSS v3.1N/A
Publie2/18/2026
Derniere modification2/18/2026
Sourcenvd
Observations honeypot0
Faiblesses (CWE)
CWE-79
References
https://docs.payara.fish/enterprise/docs/Security/Security%20Fix%20List.html(769c9ae7-73c3-4e47-ae19-903170fc3eb8)
Correlations IOC
Aucune correlation enregistree
This product uses data from the NVD API but is not endorsed or certified by the NVD.