A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users.
History

Fri, 23 Aug 2024 05:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/a:redhat:jboss_enterprise_application_platform:7::el7 cpe:/a:redhat:jboss_enterprise_application_platform:7.1::el7

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2019-03-27T12:20:07

Updated: 2024-08-05T07:54:36.087Z

Reserved: 2018-05-09T00:00:00

Link: CVE-2018-10934

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-03-27T13:29:00.337

Modified: 2024-11-21T03:42:20.490

Link: CVE-2018-10934

cve-icon Redhat

Severity : Moderate

Publid Date: 2018-08-14T00:00:00Z

Links: CVE-2018-10934 - Bugzilla