Description
A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users.
Remediation
References
Related Vulnerabilities
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Local File Inclusion (1.5.24)
Drupal Core 8.9.x Multiple Cross-Site Scripting Vulnerabilities (8.9.0 - 8.9.5)
Oracle Database Server CVE-2018-2575 Vulnerability (CVE-2018-2575)
VMware directory traversal and privilege escalation vulnerabilities
WordPress Plugin WordPress Photo Gallery by Gallery Bank SQL Injection (3.0.229)