Description
An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.
Remediation
References
Related Vulnerabilities
Oracle HTTP Server CVE-2019-2414 Vulnerability (CVE-2019-2414)
WordPress Plugin Event Management Tickets Booking By Event Monster Cross-Site Scripting (1.0.7)
MySQL CVE-2018-3173 Vulnerability (CVE-2018-3173)
WordPress CVE-2020-28039 Vulnerability (CVE-2020-28039)
Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2014-7836)