Description Get requests in JBoss Enterprise Application Platform (EAP) 7 disclose internal IP addresses to remote attackers. Remediation References CVE-2016-6311 Related Vulnerabilities XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2022-41931) WordPress Plugin Cms Pack TimThumb Arbitrary File Upload (1.3) WordPress Plugin DosCero.Menu Cross-Site Scripting (1.0) WordPress Plugin Beautiful Stat Counter for WordPress-Everest Counter Lite includes Backdoor [Only if downloaded via the vendor website] (2.0.7) WordPress Plugin Ninja Forms Contact Form-The Drag and Drop Form Builder for WordPress Cross-Site Scripting (3.3.21) Severity Medium Classification CVE-2016-6311 CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Tags Missing Update Known Vulnerabilities