Description

Cross-site request forgery (CSRF) vulnerability in the JMX Console in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 before 4.3.0.CP09 allows remote attackers to hijack the authentication of administrators for requests that deploy WAR files.

Remediation

References

CVE-2010-3878

Related Vulnerabilities

Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-3273)

WordPress Plugin Nextend Google Connect Unspecified Vulnerability (1.5.3)

Oracle Application Server Other Vulnerability (CVE-2002-0568)

PrestaShop Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-4792)

PHP Other Vulnerability (CVE-2001-1385)

Severity

Medium

Classification

CVE-2010-3878 CWE-352

Tags

Missing Update Known Vulnerabilities