CVE-2011-3206

Multiple cross-site scripting XSS vulnerabilities in the administration interface in RHQ 4.2.0, as used in JBoss Operations Network aka JON or JBoss ON before 3.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2011-3206

The CVE-2011-3206 entry describes multiple XSS vulnerabilities in the RHQ/JBoss ON administration interface (RHQ 4.2.0, used in JBoss Operations Network before 3.0). The root cause is lack of input validation in the administration UI, allowing remote attackers to inject arbitrary script/HTML via ...