PT-2019-8771 · Red Hat · Jboss Eap Management Console

Jakub Palaczynski

Published

2019-03-27

Updated

2019-06-11

CVE-2018-10934

CVSS v3.1

5.4

Medium

Vector

AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions JBoss Management Console versions prior to 7.1.6.CR1 JBoss Management Console versions prior to 7.1.6.GA

Description A cross-site scripting (XSS) issue was discovered. This allows users with object creation capabilities to attack other privileged users.

Recommendations For versions prior to 7.1.6.CR1, update to version 7.1.6.CR1 or later. For versions prior to 7.1.6.GA, update to version 7.1.6.GA or later.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2018-10934

RHSA-2019:0364

RHSA-2019:0365

RHSA-2019:1159

RHSA-2019:1160

RHSA-2019:1161

Affected Products

Jboss Eap Management Console

PT-2019-8771 · Red Hat · Jboss Eap Management Console

CVE-2018-10934

Weakness Enumeration

Related Identifiers

Affected Products

References · 8