Description
The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials.
Remediation
References
Related Vulnerabilities
WordPress Plugin AccessPress Social Icons Multiple SQL Injection Vulnerabilities (1.6.6)
WordPress Plugin Joy Of Text Lite-SMS messaging for WordPress SQL Injection (2.3.0)
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-5406)
Joomla! Core Multiple Vulnerabilities (2.5.0 - 3.10.6)
WordPress 3.7.x Arbitrary File Deletion Vulnerability (3.7 - 3.7.26)