Описание
JBoss AS may expose root content if excluded-contexts list is mismatched
JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed.
Пакеты
org.jboss.as:jboss-as-server
>= 7.0.0.Alpha1, < 7.1.1.Final
7.1.1.Final
Связанные уязвимости
JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed.
JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed.
JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostna ...