Description
PicketBox and JBossSX, as used in Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2 and JBoss BRMS before 6.0.3 roll up patch 2, allows remote authenticated users to read and modify the application sever configuration and state by deploying a crafted application.
Remediation
References
Related Vulnerabilities
Grafana Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-12459)
PostgreSQL Permissions, Privileges, and Access Controls Vulnerability (CVE-2007-2138)
PHP Integer Overflow or Wraparound Vulnerability (CVE-2019-11048)
WordPress Plugin AllWebMenus WordPress Menu 'actions.php' Arbitrary File Upload (1.1.8)