CVE-2021-3536

Published: May 20, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

A flaw was found in Wildfly in versions before 23.0.2.Final while creating a new role in domain mode via the admin console, it is possible to add a payload in the name field, leading to XSS. This affects Confidentiality and Integrity.

Vendor	Product	Versions
n/a	wildfly	affected `Wildfly 23.0.2.Final`

Weaknesses (CWE)

CWE-79

References

https://bugzilla.redhat.com/show_bug.cgi?id=1948001

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-3536

Description

Affected Products

Weaknesses (CWE)

References