Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-10934

Опубликовано: 27 мар. 2019
Источник: nvd
CVSS3: 5.4
CVSS2: 3.5
EPSS Низкий

Описание

A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.1.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:single_sign-on:7.2:*:*:*:*:*:*:*

EPSS

Процентиль: 62%
0.00431
Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79
CWE-79

Связанные уязвимости

redhat логотип

CVE-2018-10934

CVSS3: 5.4
redhat
больше 7 лет назад

A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users.

debian логотип

CVE-2018-10934

CVSS3: 5.4
debian
почти 7 лет назад

A cross-site scripting (XSS) vulnerability was found in the JBoss Mana ...

github логотип

GHSA-fw7x-p3x6-x9p7

CVSS3: 5.4
github
больше 3 лет назад

A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users.

EPSS

Процентиль: 62%
0.00431
Низкий

5.4 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79
CWE-79