Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

Jboss EAP Improper Input Validation Vulnerability (CVE-2011-4575)

Description

Cross-site scripting (XSS) vulnerability in the JMX console in JBoss Enterprise Application Platform (EAP) before 5.2.0, Web Platform (EWP) before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Remediation

References

Related Vulnerabilities

Serendipity Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2013-5670)

SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-2978)

SharePoint Improper Input Validation Vulnerability (CVE-2011-1989)

Jenkins Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2020-2105)

Joomla Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') Vulnerability (CVE-2018-11324)

Severity

Medium

Classification

CVE-2011-4575 CWE-20

Tags

Missing Update Known Vulnerabilities