GitHub

Yonyou UFIDA ERP-NC V5.0 has Reflected XSS Vulnerabilities

The vulnerabilities are located in the login.jsp page, where the key and redirect parameters are directly embedded into the HTML without proper sanitization or ...
GitHub

IllegalStateException when forwarding to jsp with new session

We encountered a regression when upgrading from 9.4.20 to 9.4.21 in the session handling code. When a servlet creates a new HttpSession and then forwards to another servlet/jsp that tries to access ...