Cross-site request forgery (CSRF) vulnerability in the Web Console (web-console) in Red Hat Enterprise Application Platform before 6.4.4 and WildFly (formerly JBoss Application Server) before 2.0.0.CR9 allows remote attackers to hijack the authentication of administrators for requests that make arbitrary changes to an instance via vectors involving a file upload using a multipart/form-data submission.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2015-10-27T16:00:00

Updated: 2024-08-06T06:41:09.012Z

Reserved: 2015-07-01T00:00:00

Link: CVE-2015-5188

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2015-10-27T16:59:03.400

Modified: 2024-11-21T02:32:31.723

Link: CVE-2015-5188

cve-icon Redhat

Severity : Moderate

Publid Date: 2015-10-15T00:00:00Z

Links: CVE-2015-5188 - Bugzilla