PT-2013-1463 · Red Hat · Brms Platform+3
Tyler Krpata
·
Published
2013-02-05
·
Updated
2023-02-13
·
CVE-2011-4575
CVSS v2.0
4.3
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
JBoss Enterprise Application Platform (EAP) versions prior to 5.2.0
Web Platform (EWP) versions prior to 5.2.0
BRMS Platform versions prior to 5.3.1
SOA Platform versions prior to 5.3.1
Description
A cross-site scripting (XSS) issue exists in the JMX console, allowing remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Recommendations
For JBoss Enterprise Application Platform (EAP) versions prior to 5.2.0, update to version 5.2.0 or later.
For Web Platform (EWP) versions prior to 5.2.0, update to version 5.2.0 or later.
For BRMS Platform versions prior to 5.3.1, update to version 5.3.1 or later.
For SOA Platform versions prior to 5.3.1, update to version 5.3.1 or later.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Brms Platform
Red Hat Jboss Enterprise Application Platform
Soa Platform
Web Platform