Description
A flaw was found in Wildfly Security Manager, running under JDK 11 or 8, that authorized requests for any requester. This flaw could be used by a malicious app deployed on the app server to access unauthorized information and possibly conduct further attacks. Versions shipped with Red Hat Jboss EAP 7 and Red Hat SSO 7 are vulnerable to this issue.
Remediation
References
Related Vulnerabilities
SharePoint Improper Input Validation Vulnerability (CVE-2026-32201)
WordPress Plugin Magic Fields Arbitrary File Upload (1.6.3.2)
WordPress Plugin WordPress Calls to Action Unspecified Vulnerability (2.3.1)
Moodle Improper Validation of Integrity Check Value Vulnerability (CVE-2021-20184)
WordPress Plugin WooCommerce Social Login PHP Object Injection (2.6.3)