Jboss Portal@* Security Vulnerabilities and Issues — Jboss Portal@* CVE List

Lucene search

RedhatJboss Portal*

3 matches found

CVE•added 2020/01/02 8:15 p.m.•86 views

CVE-2014-0245

It was found that the implementation of the GTNSubjectCreatingInterceptor class in gatein-wsrp was not thread safe. For a specific WSRP endpoint, under high-concurrency scenarios or scenarios where SOAP messages take long to execute, it was possible for an unauthenticated remote attacker to gain pr...

5.9CVSS6.7AI score0.00407EPSS

CVE•added 2020/01/23 7:15 p.m.•59 views

CVE-2012-5626

EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores roles specified using the @RunAs annotation.

7.5CVSS7.5AI score0.00176EPSS

CVE•added 2019/12/11 2:15 p.m.•53 views

CVE-2013-6495

JBossWeb Bayeux has reflected XSS

6.1CVSS6AI score0.00341EPSS