A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions prior to 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat jboss_enterprise_application_platform 7.0 |
||
redhat jboss enterprise application platform 7.1.0 |
||
redhat single sign-on 7.2 |