Description
A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users.
Remediation
References
Related Vulnerabilities
Oracle HTTP Server Out-of-bounds Write Vulnerability (CVE-2021-39275)
OpenSSL Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-4044)
WordPress 5.4.x Multiple Vulnerabilities (5.4 - 5.4.10)
WordPress Plugin PowerPress Podcasting by Blubrry Cross-Site Scripting (6.0)
WordPress Plugin Greenshift-animation and page builder blocks Cross-Site Scripting (4.8.8)