The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier and the Microsoft virtual machine (VM) for MacOS allows a malicious web site operator to connect to arbitrary hosts using a HTTP redirection, in violation of the Java security model.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 63.8%