CVE-2017-1000028

Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, that can be exploited by issuing a specially crafted HTTP GET request. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt