3 matches found
CVE-2015-5176
CVE-2015-5176 concerns Red Hat JBoss Portal 6.2.0: the PortletBridge PortletRequestDispatcher fails to enforce servlet security constraints, allowing a remote attacker to access resources by requesting rendering of a non-JSF resource. Root cause: improper enforcement of servlet constraints in Por...
CVE-2015-5176
The PortletRequestDispatcher in PortletBridge, as used in Red Hat JBoss Portal 6.2.0, does not properly enforce the security constraints of servlets, which allows remote attackers to gain access to resources via a request that asks to render a non-JSF resource...
Moderate: Red Hat Security Advisory: Red Hat JBoss Portal 6.2.0 security update
An update for the PortletBridge component of Red Hat JBoss Portal 6.2.0 that fixes one security issue is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which...