JON3: privilege escalation via improper authorization

It was found that JBoss Operations Network allowed regular users to add a new super user by sending a specially crafted request to the web console. This attacks allows escalation of privileges...