Description
mod_cluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used in JBoss Enterprise Application Platform 5.1.2, when "ROOT" is set to excludedContexts, exposes the root context of the server, which allows remote attackers to bypass access restrictions and gain access to applications deployed on the root context via unspecified vectors.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Mobile Menu-The Mobile-Friendly Responsive Menu Cross-Site Scripting (2.8.2.2)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-3848)
PostgreSQL Numeric Errors Vulnerability (CVE-2010-0733)
Oracle Database Server CVE-2007-2109 Vulnerability (CVE-2007-2109)