Description

PicketBox and JBossSX, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2 and JBoss BRMS before 6.0.3 roll up patch 2, allows remote authenticated users to read and modify the application sever configuration and state by deploying a crafted application.

Remediation

References

CVE-2014-0005

Related Vulnerabilities

SharePoint Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-1102)

MODX Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-20757)

GlassFish CVE-2017-3249 Vulnerability (CVE-2017-3249)

Drupal Core 8.6.x Remote Code Execution (8.6.0 - 8.6.9)

Drupal Core 4.5.x Cross-Site Scripting (4.5.0 - 4.5.1)

Severity

Low

Classification

CVE-2014-0005 CWE-264

Tags

Missing Update Known Vulnerabilities