Description
JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed.
Remediation
References
Related Vulnerabilities
Microsoft SQL Server CVE-2023-32026 Vulnerability (CVE-2023-32026)
Ruby Resource Management Errors Vulnerability (CVE-2008-3443)
MySQL CVE-2021-2203 Vulnerability (CVE-2021-2203)
WordPress 4.2.x Cross-Domain Flash Injection Vulnerability (4.2 - 4.2.18)
WordPress Plugin Exit Popups & Onsite Retargeting by OptiMonk Cross-Site Scripting (1.2.5)