PT-2019-6580 · Red Hat · Jboss Brms
Marc Schoenefeld
·
Publicado
2019-11-12
·
Atualizado
2019-11-14
·
CVE-2010-3857
CVSS v2.0
4.3
Média
| Vetor | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
JBoss BRMS versions prior to 5.1.0
Description
The issue is related to a XSS vulnerability. It can be exploited via the
asset parameter, specifically when using a UUID value.Recommendations
For versions prior to 5.1.0, update to version 5.1.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable parameter
asset to minimize the risk of exploitation.Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Jboss Brms