CVE-2018-10934

Summary

A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users.

Affected Software

VendorProductVersion RangeStatus
Red Hatwildfly-core7.1.6.CR1affected
Red Hatwildfly-core7.1.6.GAaffected

Weaknesses

  • CWE-79: CWE-79

ADP Enrichment

CVE Program Container

Additional References

References