A flaw was found in Red Hat JBoss Core Services HTTP Server in all versions, where it does not properly normalize the path component of a request URL contains dot-dot-semicolon(s). This flaw could allow an malicious user to access unauthorized information or possibly conduct further attacks. The highest threat from this vulnerability is to data confidentiality and integrity.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
redhat jboss core services httpd 2.4.37 |
||
redhat jboss core services httpd |