Description
An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. It was discovered that when configuring RBAC and marking information as sensitive, users with a Monitor role are able to view the sensitive information.
Remediation
References