Red Hat JBossEAP: Cross-site Scripting (CVE-2024-10234)

Red Hat JBossEAP: Cross-site Scripting (CVE-2024-10234)

Severity

8

CVSS

(AV:N/AC:L/Au:M/C:C/I:C/A:N)

Published

10/22/2024

Created

12/24/2024

Added

12/20/2024

Modified

12/20/2024

Description

A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw allows an attacker or insider to execute a deployment with a malicious payload, which could trigger undesired behavior against the server.. A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw allows an attacker or insider to execute a deployment with a malicious payload, which could trigger undesired behavior against the server.

Solution(s)

• red-hat-jboss-eap-upgrade-latest

References

• https://attackerkb.com/topics/cve-2024-10234
• CVE - 2024-10234
• https://access.redhat.com/security/cve/CVE-2024-10234
• https://bugzilla.redhat.com/show_bug.cgi?id=2320848