Description
A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system.
Remediation
References
Related Vulnerabilities
Piwigo Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-4614)
Dot CMS Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-8600)
Oracle JRE CVE-2020-14577 Vulnerability (CVE-2020-14577)
Drupal CVE-2008-4793 Vulnerability (CVE-2008-4793)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-3946)