cve/CVE-2011-3609.md at bfbdb15d530107ed63bf22a2f414213ca05fd0ff

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-12-30 04:49:42 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

A CSRF issue was found in JBoss Application Server 7 before 7.1.0. JBoss did not properly restrict access to the management console information (for example via the "Access-Control-Allow-Origin" HTTP access control flag). This can lead to unauthorized information leak if a user with admin privileges visits a specially-crafted web page provided by a remote attacker.

POC

Reference

https://bugzilla.redhat.com/show_bug.cgi?id=743006
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3609

Github

https://github.com/Live-Hack-CVE/CVE-2011-3609

991 B Raw Blame History

CVE-2011-3609

Description

POC

Reference

Github

991 B

Raw Blame History