Improper input validation in Redhat Jboss_enterprise_application_platform

CVE-2011-4575

Cross-site scripting (XSS) vulnerability in the JMX console in JBoss Enterprise Application Platform (EAP) before 5.2.0, Web Platform (EWP) before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 allows remote attackers to…

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.013 (79.9th percentile) — read the EPSS interpretation.

Affected products

Redhat Jboss_enterprise_application_platform — versions 5.2.0
Redhat Jboss_enterprise_brms_platform
Redhat Jboss_enterprise_web_platform — versions 5.2.0
N/a — versions n/a

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

secalert@redhat.com (x_refsource_MISC)
89578 (x_refsource_OSVDB, vdb-entry)
RHSA-2013:0192 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
RHSA-2013:0198 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
RHSA-2013:0195 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
RHSA-2013:0221 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
RHSA-2013:0196 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
RHSA-2013:0193 (x_refsource_REDHAT, vendor-advisory, Vendor Advisory)
51984 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)
52054 (x_refsource_SECUNIA, third-party-advisory, Vendor Advisory)