WEB APPLICATION VULNERABILITIES Standard & Premium

Jboss EAP CVE-2023-4061 Vulnerability (CVE-2023-4061)

Description

A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system.

Remediation

References

Related Vulnerabilities

WordPress Plugin Product Import Export for WooCommerce Cross-Site Request Forgery (1.7.4)

Nginx Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-0337)

PHP-Fusion Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-23702)

Apache Tomcat Improper Handling of Exceptional Conditions Vulnerability (CVE-2017-5664)

WordPress Plugin WP-AutoYoutube 'index.php' Script SQL Injection (0.1)

Severity

Medium

Classification

CVE-2023-4061 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities