Description
The PooledInvokerServlet in JBoss EAP 4.x and 5.x allows remote attackers to execute arbitrary code via a crafted serialized payload.
Remediation
References
Related Vulnerabilities
WordPress Weak Password Recovery Mechanism for Forgotten Password Vulnerability (CVE-2014-6412)
WordPress Plugin LifterLMS-WP LMS for eLearning, Online Courses, & Quizzes Security Bypass (3.34.5)
Oracle Database Server CVE-2015-4857 Vulnerability (CVE-2015-4857)
Drupal Core 8.8.x Security Bypass (8.8.0 - 8.8.9)
ProjectSend Incorrect Authorization Vulnerability (CVE-2024-11680)