Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Web Application Vulnerabilities Runtime SCA Findings
Looking for the vulnerability index of Invicti's legacy products?
Invicti Enterprise Acunetix Standard & Premium

Enterprise Application Platform

Jboss EAP

The JBoss Enterprise Application Platform is a subscription-based/open-source Java EE-based application server runtime platform used for building deploying and hosting highly-transactional Java applications and services developed and maintained by Red Hat

Official Site:

https://www.redhat.com/en/technologies/jboss-middleware/application-platform

Severity Summary:

Critical: 34 High: 77 Medium: 99 Low: 16
Reference
Title
Severity
CVE-2016-6311
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2021-3536
Jboss EAP Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-1067
Jboss EAP Improper Neutralization of CRLF Sequences in HTTP Headers (HTTP Response Splitting) Vulnerability
Medium
CVE-2020-1732
Jboss EAP Improper Input Validation Vulnerability
Medium
CVE-2016-7046
Jboss EAP Resource Management Errors Vulnerability
Medium
CVE-2020-10719
Jboss EAP Inconsistent Interpretation of HTTP Requests (HTTP Request Smuggling) Vulnerability
Medium
CVE-2020-10693
Jboss EAP Improper Input Validation Vulnerability
Medium
CVE-2015-1849
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2020-25689
Jboss EAP Uncontrolled Resource Consumption Vulnerability
Medium
CVE-2018-1047
Jboss EAP Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) Vulnerability
Medium
CVE-2018-1304
Jboss EAP Vulnerability
Medium
CVE-2019-10219
Jboss EAP Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2017-12196
Jboss EAP Incorrect Authorization Vulnerability
Medium
CVE-2016-9585
Jboss EAP Deserialization of Untrusted Data Vulnerability
Medium
CVE-2018-1000873
Jboss EAP Improper Input Validation Vulnerability
Medium
CVE-2019-3805
Jboss EAP Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition) Vulnerability
Medium
CVE-2014-0226
Jboss EAP Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition) Vulnerability
Medium
CVE-2014-0118
Jboss EAP Uncontrolled Resource Consumption Vulnerability
Medium
CVE-2013-1862
Jboss EAP Vulnerability
Medium
CVE-2013-1896
Jboss EAP Vulnerability
Medium
CVE-2008-0455
Jboss EAP Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2018-10934
Jboss EAP Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-4061
Jboss EAP Vulnerability
Medium
CVE-2022-2764
Jboss EAP Vulnerability
Medium
CVE-2021-3597
Jboss EAP Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition) Vulnerability
Medium
CVE-2019-14820
Jboss EAP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Medium
CVE-2022-0866
Jboss EAP Incorrect Authorization Vulnerability
Medium
CVE-2020-10688
Jboss EAP Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Medium
CVE-2023-48795
Jboss EAP Improper Validation of Integrity Check Value Vulnerability
Medium
CVE-2023-3629
Jboss EAP Other Vulnerability
Medium