(RHSA-2015:1525) Moderate: Red Hat JBoss Operations Network 3.3.3 update

Red Hat JBoss Operations Network is a Middleware management solution that
provides a single point of control to deploy, manage, and monitor JBoss
Enterprise Middleware, applications, and services.

This JBoss Operations Network 3.3.3 release serves as a replacement for
JBoss Operations Network 3.3.2, and includes several bug fixes. Refer to
the Customer Portal page linked in the References section for information
on the most significant of these changes.

The following security issue is also fixed with this release:

It was discovered that a cross-site scripting (XSS) vulnerability on a
JBoss Operations Network 404 error page allowed for session fixation
attacks. An attacker could use this flaw to impersonate a legitimate user,
resulting in compromised integrity of secure data. (CVE-2015-3267)

All users of JBoss Operations Network 3.3.2 as provided from the Red Hat
Customer Portal are advised to upgrade to JBoss Operations Network 3.3.3.