Lucene search
+L

4 matches found

vulnrichment
vulnrichment
added 2025/01/14 5:41 p.m.6 views

CVE-2025-23366 Org.jboss.hal:hal-console: wildfly hal console cross-site scripting

A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is served to other users. The attacker must be authenticated as a user that belongs to management groups...

6.5CVSS6.5AI score0.00426EPSS
Exploits0References5
cvelist
cvelist
added 2025/01/14 5:41 p.m.26 views

CVE-2025-23366 Org.jboss.hal:hal-console: wildfly hal console cross-site scripting

A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is served to other users. The attacker must be authenticated as a user that belongs to management groups...

6.5CVSS0.00426EPSS
Exploits0References5
osv
osv
added 2025/01/14 5:41 p.m.5 views

CVE-2025-23366 Org.jboss.hal:hal-console: wildfly hal console cross-site scripting

A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is served to other users. The attacker must be authenticated as a user that belongs to management groups...

6.5CVSS6.5AI score0.00426EPSS
Exploits0References9
redhatcve
redhatcve
added 2025/01/14 3:58 p.m.8 views

CVE-2025-23366

A flaw was found in the HAL Console in the Wildfly component, which does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a web page that is served to other users. The attacker must be authenticated as a user that belongs to management groups...

6.5CVSS6.7AI score0.00426EPSS
Exploits0References3
Rows per page
Query Builder