Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Jboss EAP Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2018-10934 - Vulnerability Database
Jboss EAP

Jboss EAP Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability - CVE-2018-10934

Medium
Reference: CVE-2018-10934
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-10934
Title: Jboss EAP Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) Vulnerability
Overview:

A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users.