CVE-2021-3536
20.05.2021, 13:15
A flaw was found in Wildfly in versions before 23.0.2.Final while creating a new role in domain mode via the admin console, it is possible to add a payload in the name field, leading to XSS. This affects Confidentiality and Integrity.
Vendor | Product | Version |
---|---|---|
redhat | build_of_quarkus | - |
redhat | data_grid | 8.0 |
redhat | descision_manager | 7.0 |
redhat | integration_camel_k | - |
redhat | integration_camel_quarkus | - |
redhat | integration_service_registry | - |
redhat | jboss_enterprise_application_platform | 7.0 |
redhat | wildfly | 𝑥 < 23.0.2 |
𝑥
= Vulnerable software versions