CVE-2025-1534 Information

Description

CVE-79: Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in Payara Platform Payara Server allows : Remote Code Inclusion.This issue affects Payara Server: from 4.1.2.1919.1 before 4.1.2.191.51 from 5.20.0 before 5.68.0 from 6.0.0 before 6.23.0 from 6.2022.1 before 6.2025.2.

Reference

https://docs.payara.fish/community/docs/6.2025.3/Release%20Notes/Release%20Notes%206.2025.3.html https://docs.payara.fish/enterprise/docs/Release%20Notes/Release%20Notes%206.24.0.html