0.001 Low
EPSS
Percentile
47.7%
Glassfish web-core is vulnerable to XML External Entity (XXE) attacks. These allow remote attackers to bypass security-manager restrictions and read arbitrary files via a crafted web application that provides an XML external entity declaration in conjunction with an entity reference. This is related to CVE-2014-0096.