PT-2019-8771 · Red Hat · Jboss Eap Management Console

Jakub Palaczynski

Publicado

2019-03-27

Atualizado

2019-06-11

CVE-2018-10934

CVSS v3.1

5.4

Média

Vetor

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions JBoss Management Console versions prior to 7.1.6.CR1 JBoss Management Console versions prior to 7.1.6.GA

Description A cross-site scripting (XSS) issue was discovered. This allows users with object creation capabilities to attack other privileged users.

Recommendations For versions prior to 7.1.6.CR1, update to version 7.1.6.CR1 or later. For versions prior to 7.1.6.GA, update to version 7.1.6.GA or later.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2018-10934

RHSA-2019:0364

RHSA-2019:0365

RHSA-2019:1159

RHSA-2019:1160

RHSA-2019:1161

Produtos afetados

Jboss Eap Management Console

PT-2019-8771 · Red Hat · Jboss Eap Management Console

CVE-2018-10934

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 8