Description
An information disclosure vulnerability was found in JBoss Enterprise Application Platform before 7.0.4. When role-based access control (RBAC) is configured and information is marked as sensitive, users with the Monitor role are still able to view the sensitive information.
Remediation
References