Description
Twiddle in Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP08 and 4.3 before 4.3.0.CP07 writes the JMX password, and other command-line arguments, to the twiddle.log file, which allows local users to obtain sensitive information by reading this file.
Remediation
References
Related Vulnerabilities
MySQL Other Vulnerability (CVE-2005-2558)
WordPress Plugin WordPress Shortcodes-Shortcodes Ultimate Multiple Vulnerabilities (4.9.3)
WordPress Plugin Slimstat Analytics Cross-Site Scripting (0.9.2)
MyBB Improper Access Control Vulnerability (CVE-2016-9413)
Oracle Application Server Other Vulnerability (CVE-2005-3452)