CVE-2011-3606
Published: Nov 26, 2019
Modified: Aug 6, 2024
PUBLISHED
Description
A DOM-based cross-site scripting flaw was found in the administration console of JBoss Application Server 7 before 7.1.0 Beta 1. A remote attacker could provide a specially crafted web page and trick a valid JBoss AS user with administrator privileges into visiting it, which would lead to modification of the DOM environment and execution of arbitrary HTML or web script.
| Vendor | Product | Versions |
|---|---|---|
| JBoss Application Server | JBoss Application Server | affected 7 before 7.1.0 Beta 1 |
References
https://security-tracker.debian.org/tracker/CVE-2011-3606
x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3606
x_refsource_MISC
https://access.redhat.com/security/cve/cve-2011-3606
x_refsource_MISC