Cross-site request forgery (CSRF) vulnerability in the Web Console (web-console) in Red Hat Enterprise Application Platform prior to 6.4.4 and WildFly (formerly JBoss Application Server) prior to 2.0.0.CR9 allows remote malicious users to hijack the authentication of administrators for requests that make arbitrary changes to an instance via vectors involving a file upload using a multipart/form-data submission.
Vulnerable Product |
---|
redhat jboss enterprise application platform |
redhat jboss wildfly application server |