Description

Cross-site scripting (XSS) vulnerability in the JMX console in JBoss Enterprise Application Platform (EAP) before 5.2.0, Web Platform (EWP) before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

CVE-2011-4575

Related Vulnerabilities

WordPress Plugin Simple Security Multiple Cross-Site Scripting Vulnerabilities (1.1.5)

WordPress Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2008-0194)

MySQL CVE-2018-2784 Vulnerability (CVE-2018-2784)

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-13258)

WordPress Plugin WPeMatico RSS Feed Fetcher Cross-Site Scripting (2.6.11)

Severity

Medium

Classification

CVE-2011-4575 CWE-20

Tags

Missing Update Known Vulnerabilities