Description

The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials.

Remediation

References

CVE-2013-4112

Related Vulnerabilities

WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery SQL Injection (1.3.29)

WordPress Plugin Login/Signup Popup (Inline Form + Woocommerce) Cross-Site Request Forgery (2.2)

WordPress 'swfupload.swf' Cross-Site Scripting Vulnerability (2.5 - 3.3.1)

WordPress Plugin WP BaiDu Submit Cross-Site Scripting (1.2.1)

phpMyAdmin Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2016-5701)

Severity

Medium

Classification

CVE-2013-4112 CWE-200

Tags

Missing Update Known Vulnerabilities