Description
Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by reading this file.
Remediation
References
Related Vulnerabilities
PHP Use After Free Vulnerability (CVE-2016-6295)
WordPress Plugin YITH WooCommerce Gift Cards Unspecified Vulnerability (2.14.0)
ownCloud Improper Input Validation Vulnerability (CVE-2013-2044)
WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2401)
WordPress Plugin Wordfence Security-Firewall & Malware Scan Multiple Vulnerabilities (5.2.4)