Wildfly Deployment System Vulnerability: Cross-Site Scripting Attacks Possible
CVE-2024-10234
6.1MEDIUM
Key Information
- Vendor
- Red Hat
- Status
- Red Hat Build Of Keycloak
- Red Hat Fuse 7
- Red Hat Jboss Data Grid 7
- Red Hat Jboss Enterprise Application Platform 7
- Vendor
- CVE Published:
- 22 October 2024
Summary
A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw allows an attacker or insider to execute a deployment with a malicious payload, which could trigger undesired behavior against the server.
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability Reserved
Vulnerability published
Collectors
NVD DatabaseMitre Database