oss-sec mailing list archives
DOM based XSS in the JBoss AS 7 administration console - CVE-2011-3606
From: David Jorm <djorm () redhat com>
Date: Thu, 01 Dec 2011 22:54:23 -0500 (EST)
CVE-2011-3606 has been assigned to a DOM based XSS in the JBoss AS 7 administration console. This issue was embargoed until today, with a fix now available in the latest release of AS 7. Details are in Red Hat Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3606 Thanks to David Black for reporting this flaw. -- David Jorm / Red Hat Security Response Team
Current thread:
- DOM based XSS in the JBoss AS 7 administration console - CVE-2011-3606 David Jorm (Dec 01)