Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Jboss EAP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-3878)

Description

Cross-site request forgery (CSRF) vulnerability in the JMX Console in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.3 before 4.3.0.CP09 allows remote attackers to hijack the authentication of administrators for requests that deploy WAR files.

Remediation

References

Related Vulnerabilities

GeoServer Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2025-30145)

osCommerce Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2024-22724)

Apache Tomcat Other Vulnerability (CVE-2005-4703)

MongoDb Uncontrolled Resource Consumption Vulnerability (CVE-2025-6712)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-4341)

Severity

Medium

Classification

CVE-2010-3878 CWE-352

Tags

Missing Update Known Vulnerabilities