Description
Payara before 2022-11-04, when deployed to the root context, allows attackers to visit META-INF and WEB-INF, a different vulnerability than CVE-2022-37422. This affects Payara Platform Community before 4.1.2.191.38, 5.x before 5.2022.4, and 6.x before 6.2022.1, and Payara Platform Enterprise before 5.45.0.
Remediation
References
Related Vulnerabilities
Ruby Cryptographic Issues Vulnerability (CVE-2012-5371)
WordPress Plugin WPshop-eCommerce Arbitrary File Upload (1.3.9.5)
WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease Cross-Site Request Forgery (4.0.9)
PHP Improper Restriction of XML External Entity Reference Vulnerability (CVE-2023-3823)
WordPress Plugin Advanced Dynamic Pricing for WooCommerce Multiple Vulnerabilities (4.1.5)