Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
redhat jboss application server 7.0.1 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2011-3609
A CSRF issue was found in JBoss Application Server 7 prior to 7.1.0. JBoss did not properly restrict access to the management console information (for example via the "Access-Control-Allow-Origin" HTTP access control flag). This can lead to unauthorized information leak...
Redhat Jboss Application Server 7.0.0
Redhat Jboss Application Server 7.0.1
Redhat Jboss Application Server 7.0.2
3.5
CVSSv2
CVE-2011-3606
A DOM based cross-site scripting flaw was found in the JBoss Application Server 7 prior to 7.1.0 Beta 1 administration console. A remote attacker could provide a specially-crafted web page and trick the valid JBoss AS user, with the administrator privilege, to visit it, which wou...
Redhat Jboss Application Server 7.0.0
Redhat Jboss Application Server 7.0.1
Redhat Jboss Application Server 7.0.2
4.3
CVSSv2
CVE-2012-4529
The org.apache.catalina.connector.Response.encodeURL method in Red Hat JBoss Web 7.1.x and previous versions, when the tracking mode is set to COOKIE, sends the jsessionid in the URL of the first response of a session, which allows remote malicious users to obtain the session id ...
Redhat Jboss Community Application Server
Redhat Jboss Community Application Server 7.1.0
Redhat Jboss Community Application Server 6.1.0
Redhat Jboss Community Application Server 5.0.0
Redhat Jboss Community Application Server 7.0.2
Redhat Jboss Community Application Server 7.0.1
Redhat Jboss Community Application Server 7.0.0
Redhat Jboss Community Application Server 6.0.0
Redhat Jboss Community Application Server 5.1.0
Redhat Jboss Community Application Server 5.0.1
Redhat Jboss Enterprise Application Platform 6.0.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started