Tyler Krpata

**Name of the Vulnerable Software and Affected Versions** JBoss Enterprise Application Platform (EAP) versions prior to 5.2.0 Web Platform (EWP) versions prior to 5.2.0 BRMS Platform versions prior to 5.3.1 SOA Platform versions prior to 5.3.1 **Description** A cross-site scripting (XSS) issue exists in the JMX console, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors. **Recommendations** For JBoss Enterprise Application Platform (EAP) versions prior to 5.2.0, update to version 5.2.0 or later. For Web Platform (EWP) versions prior to 5.2.0, update to version 5.2.0 or later. For BRMS Platform versions prior to 5.3.1, update to version 5.3.1 or later. For SOA Platform versions prior to 5.3.1, update to version 5.3.1 or later.