Red Hat JBoss Operations Network is vulnerable to cross-site scripting (XSS). Lack of input validation in the Administration Interface allows remote attackers to inject arbitrary Javascript into a victim’s browser to steal session tokens or perform unwanted actions on behalf of the user.
CPE | Name | Operator | Version |
---|---|---|---|
rhq enterprise agent-server communications layer | eq | 4.2.0 | |
rhq utilities | eq | 4.2.0 |