Wildfly Deployment System Vulnerability: Cross-Site Scripting Attacks Possible
CVE-2024-10234

6.1MEDIUM

Key Information:

Status
Red Hat Jboss Enterprise Application Platform 7.4.23
Red Hat Jboss Enterprise Application Platform 7.4 For Rhel 8
Red Hat Jboss Enterprise Application Platform 7.4 For Rhel 9
Vendor
CVE Published:
22 October 2024

What is CVE-2024-10234?

A security flaw has been identified in Wildfly that enables attackers to perform Cross-Site Scripting (XSS) attacks within the deployment system. This vulnerability allows an attacker or an insider to leverage the deployment mechanism to introduce a malicious payload, potentially leading to unauthorized server behavior. It is essential for users and administrators of Wildfly to mitigate this risk by applying recommended security patches and updates to safeguard their systems from exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://access.redhat.com/errata/RHSA-2025:10924
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10925
vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10926
vendor-advisoryx_refsource_REDHAT

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.