oss-sec mailing list archives

DOM based XSS in the JBoss AS 7 administration console - CVE-2011-3606


From: David Jorm <djorm () redhat com>
Date: Thu, 01 Dec 2011 22:54:23 -0500 (EST)

CVE-2011-3606 has been assigned to a DOM based XSS in the JBoss AS 7 administration console. This issue was embargoed until today, with a fix now available in the latest release of AS 7. Details are in Red Hat Bugzilla:

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3606

Thanks to David Black for reporting this flaw.

-- 
David Jorm / Red Hat Security Response Team

