Description
Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by reading this file.
Remediation
References
Related Vulnerabilities
phpMyAdmin 7PK - Security Features Vulnerability (CVE-2016-1927)
WordPress Plugin Contact Form by BestWebSoft Cross-Site Scripting (4.0.5)
CakePHP Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2015-8379)
WordPress Plugin Related Posts for WordPress Cross-Site Scripting (2.0.3)
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2018-3245)