Description
Red Hat JBoss Enterprise Application Platform (JBEAP) 6.2.2, when using a Java Security Manager (JSM), does not properly apply permissions defined by a policy file, which causes applications to be granted the java.security.AllPermission permission and allows remote attackers to bypass intended access restrictions.
Remediation
References
Related Vulnerabilities
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.20)
Drupal Core 9.2.x Cross-Site Scripting (9.2.0 - 9.2.10)
MySQL CVE-2020-14791 Vulnerability (CVE-2020-14791)
Oracle Database Server Other Vulnerability (CVE-1999-0784)
WordPress Plugin UserPro-Community and User Profile Privilege Escalation (4.9.27)