CVE-2015-3267

Name of the Vulnerable Software and Affected Versions Red Hat JBoss Operations Network versions prior to 3.3.3

Description A cross-site scripting (XSS) issue exists in the 404 error page, allowing remote attackers to inject arbitrary web script or HTML via a crafted URL. This could potentially lead to unauthorized actions on the affected system.

Recommendations For versions prior to 3.3.3, update to version 3.3.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the 404 error page until a patch is available.