Description
The default configuration of the (1) LdapLoginModule and (2) LdapExtLoginModule modules in JBoss Enterprise Application Platform (EAP) 4.3.0 CP10, 5.2.0, and 6.0.1, and Enterprise Web Platform (EWP) 5.2.0 allow remote attackers to bypass authentication via an empty password.
Remediation
References
Related Vulnerabilities
WordPress Plugin EELV Newsletter Multiple Vulnerabilities (4.6)
WordPress Plugin Safe Editor Unspecified Vulnerability (1.1)
MySQL CVE-2016-3495 Vulnerability (CVE-2016-3495)
WordPress Plugin WP Mobile Detector Multiple Vulnerabilities (3.8)
WordPress Plugin Elementor Website Builder Arbitrary File Upload (3.6.2)