CVE-2013-3734

The Embedded Jopr component in JBoss Application Server includes the cleartext datasource password in unspecified HTML responses, which might allow 1 man-in-the-middle attackers to obtain sensitive information by leveraging failure to use SSL or 2 attackers to obtain sensitive information by...

Input validation

The Embedded Jopr component in JBoss Application Server includes the cleartext datasource password in unspecified HTML responses, which might allow 1 man-in-the-middle attackers to obtain sensitive information by leveraging failure to use SSL or 2 attackers to obtain sensitive information by...

CVE-2013-3734

The CVE-2013-3734 vulnerability affects the Embedded Jopr component of JBoss Application Server, where the cleartext datasource password is included in unspecified HTML responses. Root cause: passwords are exposed in later responses (even if masked in the UI) or in the HTML source, enabling infor...

CVE-2013-3734

The Embedded Jopr component in JBoss Application Server includes the cleartext datasource password in unspecified HTML responses, which might allow 1 man-in-the-middle attackers to obtain sensitive information by leveraging failure to use SSL or 2 attackers to obtain sensitive information by...

PT-2017-5475 · Red Hat · Jboss Application Server

Name of the Vulnerable Software and Affected Versions: JBoss Application Server affected versions not specified Description: The Embedded Jopr component in JBoss Application Server includes the cleartext datasource password in unspecified HTML responses. This might allow man-in-the-middle attacke...

CVE-2013-3734 - JBoss AS Administration Console - Password Returned in Later Response

Product: Embedded Jopr - JBoss AS Administration Console Vendor: Red Hat Middleware, LLC Version: 1.2 Tested Version: 1.2 Vendor Notified Date: May 29, 2013 Release Date: June 03, 2013 Risk: Moderate Authentication: Required Remote: Yes Description: Passwords submitted to the application are...