Description
Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2, when using a Java Security Manager (JSM), does not properly apply permissions defined by a policy file, which causes applications to be granted the java.security.AllPermission permission and allows remote attackers to bypass intended access restrictions.
Remediation
References
Related Vulnerabilities
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3744)
Internet Information Services Other Vulnerability (CVE-2001-0544)
WordPress Plugin WP Mobile Menu-The Mobile-Friendly Responsive Menu Security Bypass (2.7.2)
WordPress Plugin Videos on Admin Dashboard Cross-Site Scripting (1.1.3)