Описание
JBossWeb Bayeux has reflected XSS
Отчет
Red Hat JBoss Enterprise Application Platform 6 prior to 6.1.1 and Red Hat JBoss Portal Platform 6 prior to 6.1.0 are affected by this flaw. All users of vulnerable versions are advised to update to 6.1.1 or later of Red Hat JBoss Enterprise Application Platform 6 and 6.1.0 or later of Red Hat JBoss Portal Platform 6
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat BPM Suite 6 | jbossweb | Not affected | ||
| Red Hat JBoss BRMS 5 | jbossweb | Will not fix | ||
| Red Hat JBoss BRMS 6 | jbossweb | Not affected | ||
| Red Hat JBoss Data Grid 6 | jbossweb | Not affected | ||
| Red Hat JBoss Data Virtualization 6 | jbossweb | Not affected | ||
| Red Hat JBoss Enterprise Application Platform 5 | jbossweb | Will not fix | ||
| Red Hat JBoss Fuse Service Works 6 | jbossweb | Not affected | ||
| Red Hat JBoss Operations Network 3 | jbossweb | Not affected | ||
| Red Hat JBoss Portal 5 | jbossweb | Will not fix | ||
| Red Hat JBoss Portal 6 | jbossweb | Affected |
Показывать по
10
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-79
https://bugzilla.redhat.com/show_bug.cgi?id=1066794Bayeux: Reflected Cross-Site Scripting (XSS)
EPSS
Процентиль: 56%
0.00341
Низкий
4.3 Medium
CVSS2
Связанные уязвимости
EPSS
Процентиль: 56%
0.00341
Низкий
4.3 Medium
CVSS2