5 matches found
EUVD-2015-5177
Malware in sbrugna...
Red Hat JBoss Portal PortletBridge PortletRequestDispatcher Code Injection Vulnerability
Red Hat JBoss Portal is the United States Red Hat Red Hat a set of open source and standards-compliant portal platform , it can build , layout of a portal Web interface for publishing , managing content and customizing the user experience . PortletBridge is a JSR-301 and JSR 329 draft...
CVE-2015-5176
The PortletRequestDispatcher in PortletBridge, as used in Red Hat JBoss Portal 6.2.0, does not properly enforce the security constraints of servlets, which allows remote attackers to gain access to resources via a request that asks to render a non-JSF resource...
Design/Logic Flaw
The PortletRequestDispatcher in PortletBridge, as used in Red Hat JBoss Portal 6.2.0, does not properly enforce the security constraints of servlets, which allows remote attackers to gain access to resources via a request that asks to render a non-JSF resource...
CVE-2015-5176
CVE-2015-5176 concerns Red Hat JBoss Portal 6.2.0: the PortletBridge PortletRequestDispatcher fails to enforce servlet security constraints, allowing a remote attacker to access resources by requesting rendering of a non-JSF resource. Root cause: improper enforcement of servlet constraints in Por...