Description

The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials.

Remediation

References

CVE-2013-4112

Related Vulnerabilities

WordPress Plugin Thrive Optimize Security Bypass (1.4.13.2)

WordPress Plugin WP Mail Cross-Site Scripting (1.1)

Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2014-3514)

MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2017-9071)

WordPress Plugin Revamp CRM for WooCommerce Local File Inclusion (1.0.3)

Severity

Medium

Classification

CVE-2013-4112 CWE-200

Tags

Missing Update Known Vulnerabilities