Description
JBoss SX and PicketBox, as used in Red Hat JBoss Enterprise Application Platform (EAP) before 6.2.3, use world-readable permissions on audit.log, which allows local users to obtain sensitive information by reading this file.
Remediation
References
Related Vulnerabilities
WordPress Plugin MasterStudy LMS-for Online Courses and Education Information Disclosure (3.2.10)
WordPress Plugin Ultimate Instagram Feed Unspecified Vulnerability (1.3)
Jenkins Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-35141)
WordPress Plugin WP Gravity Forms Zoho CRM Add-on Cross-Site Scripting (1.1.5)
WordPress Plugin WP Product Review Lite Cross-Site Scripting (3.7.5)