CVSS: 7.5EPSS: 1%CPEs: 8EXPL: 2CVE-2021-26296 – Cross-Site Request Forgery (CSRF) vulnerability in Apache MyFaces
https://notcve.org/view.php?id=CVE-2021-26296
19 Feb 2021 — In the default configuration, Apache MyFaces Core versions 2.2.0 to 2.2.13, 2.3.0 to 2.3.7, 2.3-next-M1 to 2.3-next-M4, and 3.0.0-RC1 use cryptographically weak implicit and explicit cross-site request forgery (CSRF) tokens. Due to that limitation, it is possible (although difficult) for an attacker to calculate a future CSRF token value and to use that value to trick a user into executing unwanted actions on an application. En la configuración predeterminada, Apache MyFaces Core versiones 2.2.0 hasta 2.2.1... • https://packetstorm.news/files/id/161484 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 7.5EPSS: 0%CPEs: 15EXPL: 0CVE-2011-4343
https://notcve.org/view.php?id=CVE-2011-4343
08 Aug 2017 — Information disclosure vulnerability in Apache MyFaces Core 2.0.1 through 2.0.10 and 2.1.0 through 2.1.4 allows remote attackers to inject EL expressions via crafted parameters. Una vulnerabilidad de revelación de información en Apache MyFaces Core en sus versiones 2.0.1 a2.0.10 y 2.1.0 a 2.1.4 permite que atacantes remotos inyecten expresiones EL mediante parámetros manipulados. • http://marc.info/?l=full-disclosure&m=132313252814362 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 6%CPEs: 4EXPL: 0CVE-2016-5019 – Apache MyFaces Trinidad Information Disclosure
https://notcve.org/view.php?id=CVE-2016-5019
30 Sep 2016 — CoreResponseStateManager in Apache MyFaces Trinidad 1.0.0 through 1.0.13, 1.2.x before 1.2.15, 2.0.x before 2.0.2, and 2.1.x before 2.1.2 might allow attackers to conduct deserialization attacks via a crafted serialized view state string. CoreResponseStateManager en Apache MyFaces Trinidad 1.0.0 hasta la versión 1.0.13, 1.2.x en versiones anteriores a 1.2.15, 2.0.x en versiones anteriores a 2.0.2 y 2.1.x en versiones anteriores a 2.1.2 podría permitir a atacantes llevar a cabo ataques de deserialización a t... • http://mail-archives.apache.org/mod_mbox/myfaces-users/201609.mbox/%3CCAM1yOjYM%2BEW3mLUfX0pNAVLfUFRAw-Bhvkp3UE5%3DEQzR8Yxsfw%40mail.gmail.com%3E • CWE-502: Deserialization of Untrusted Data •
CVSS: 5.3EPSS: 87%CPEs: 2EXPL: 4CVE-2011-4367 – Apache MyFaces - 'ln' Information Disclosure
https://notcve.org/view.php?id=CVE-2011-4367
19 Jun 2014 — Multiple directory traversal vulnerabilities in MyFaces JavaServer Faces (JSF) in Apache MyFaces Core 2.0.x before 2.0.12 and 2.1.x before 2.1.6 allow remote attackers to read arbitrary files via a .. (dot dot) in the (1) ln parameter to faces/javax.faces.resource/web.xml or (2) the PATH_INFO to faces/javax.faces.resource/. Múltiples vulnerabilidades de salto de directorio en MyFaces JavaServer Faces (JSF) en Apache MyFaces Core 2.0.x anterior a 2.0.12 y 2.1.x anterior a 2.1.6 permiten a atacantes remotos l... • https://www.exploit-db.com/exploits/36681 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.3EPSS: 0%CPEs: 16EXPL: 0CVE-2010-2057
https://notcve.org/view.php?id=CVE-2010-2057
20 Oct 2010 — shared/util/StateUtils.java in Apache MyFaces 1.1.x before 1.1.8, 1.2.x before 1.2.9, and 2.0.x before 2.0.1 uses an encrypted View State without a Message Authentication Code (MAC), which makes it easier for remote attackers to perform successful modifications of the View State via a padding oracle attack. shared/util/StateUtils.java en Apache MyFaces v1.1.x anterior a v1.1.8, v1.2.x anterior a v1.2.9, y v2.0.x anterior a v2.0.1 utiliza un cifrado View State sin un Codigo de Autenticación de Mensaje (MAC),... • http://svn.apache.org/viewvc/myfaces/shared/trunk/core/src/main/java/org/apache/myfaces/shared/util/StateUtils.java?r1=943327&r2=951801 • CWE-310: Cryptographic Issues •
CVSS: 5.8EPSS: 1%CPEs: 2EXPL: 0CVE-2010-2086 – MyFaces: XSS via state view
https://notcve.org/view.php?id=CVE-2010-2086
27 May 2010 — Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere Application Server and other applications, does not properly handle an unencrypted view state, which allows remote attackers to conduct cross-site scripting (XSS) attacks or execute arbitrary Expression Language (EL) statements via vectors that involve modifying the serialized view object. Apache MyFaces v1.1.7 y v1.2.8, como el usado en IBM WebSphere Application Server y otras aplicaciones, no maneja de forma adecuada el estado de vista no cifrada lo... • http://www.blackhat.com/presentations/bh-dc-10/Byrne_David/BlackHat-DC-2010-Byrne-SGUI-slides.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 60%CPEs: 1EXPL: 1CVE-2007-3101 – Apache MyFaces Tomahawk JSF Framework 1.1.5 - 'Autoscroll' Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2007-3101
18 Jun 2007 — Multiple cross-site scripting (XSS) vulnerabilities in certain JSF applications in Apache MyFaces Tomahawk before 1.1.6 allow remote attackers to inject arbitrary web script via the autoscroll parameter, which is injected into Javascript that is sent to the client. Múltiples vulnerabilidades de secuencias de comandos en sitios cruzados (XSS) en ciertas aplicaciones JSF en Apache MyFaces Tomahawk anterior a 1.1.6 permite a atacantes remotos inyectar secuencias de comandos web a través del parámetro autoscrol... • https://www.exploit-db.com/exploits/30191 •