Description
A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity. Versions before wildfly 20.0.0.Final are affected.
Remediation
References
https://bugzilla.redhat.com/show_bug.cgi?id=1796617
Related Vulnerabilities
CVE-2020-28487 Vulnerability in npm package vis-timeline
CVE-2023-48240 Vulnerability in maven package org.xwiki.platform:xwiki-platform-diff-xml
CVE-2021-41532 Vulnerability in maven package org.apache.ozone:ozone-recon
CVE-2021-21317 Vulnerability in npm package uap-core
CVE-2020-1731 Vulnerability in maven package org.keycloak:keycloak-core