Description
Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 allows remote attackers to obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this issue exists because of a CVE-2008-3273 regression.
Remediation
References
Related Vulnerabilities
XWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-41932)
WordPress Plugin Spectra-WordPress Gutenberg Blocks Cross-Site Scripting (1.14.11)
Oracle JRE CVE-2019-2992 Vulnerability (CVE-2019-2992)
WordPress Plugin CloudFlare Multiple Unspecified Vulnerabilities (1.1.6)
WordPress Plugin WP Mobile Menu-The Mobile-Friendly Responsive Menu Security Bypass (2.7.2)