cvedb.io
CVE-2018-10934
MEDIUM · CVSS 5.4
EPSS exploitation probability: 0%
Published 2019-03-27T13:29:00.337 · Last modified 2026-06-17T01:34:57.570

Summary

A cross-site scripting (XSS) vulnerability was found in the JBoss Management Console versions before 7.1.6.CR1, 7.1.6.GA. Users with roles that can create objects in the application can exploit this to attack other privileged users.

Affected products

redhat — jboss_enterprise_application_platform

Does this affect you?

Add your gear to cvedb and we'll alert you only when redhat ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.