XSS Vulnerability in JBoss Management Console Allows Privilege Escalation

XSS Vulnerability in JBoss Management Console Allows Privilege Escalation

CVE-2018-10934 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users.

Learn more about our User Device Pen Test.