CVE-2011-4575

Published: Feb 5, 2013Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in the JMX console in JBoss Enterprise Application Platform (EAP) before 5.2.0, Web Platform (EWP) before 5.2.0, BRMS Platform before 5.3.1, and SOA Platform before 5.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected (3)

Products: Redhat: Jboss Enterprise Web Platform, Jboss Enterprise Application Platform, Jboss Enterprise Brms Platform

3 products

Jboss Enterprise Web Platform

Jboss Enterprise Application Platform

Jboss Enterprise Brms Platform

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Jboss Enterprise Web Platform	Version 5.2.0

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Jboss Enterprise Application Platform	Version 5.2.0

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Jboss Enterprise Brms Platform	Up to 5.3.0

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (28)

http://rhn.redhat.com/errata/RHSA-2013-0191.html

Source: secalert@redhat.com

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0192.html

Source: secalert@redhat.com

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0193.html

Source: secalert@redhat.com

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0194.html

Source: secalert@redhat.com

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0195.html

Source: secalert@redhat.com

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0196.html

Source: secalert@redhat.com

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0197.html

Source: secalert@redhat.com

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0198.html

Source: secalert@redhat.com

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0221.html

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/51984

Source: secalert@redhat.com

Vendor Advisory

http://secunia.com/advisories/52054

Source: secalert@redhat.com

Vendor Advisory

http://www.osvdb.org/89578

Source: secalert@redhat.com

http://www.securityfocus.com/bid/57548

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=760387

Source: secalert@redhat.com

http://rhn.redhat.com/errata/RHSA-2013-0191.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0192.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0193.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0194.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0195.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0196.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0197.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0198.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://rhn.redhat.com/errata/RHSA-2013-0221.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/51984

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/52054

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.osvdb.org/89578

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/57548

Source: af854a3a-2127-422b-91ae-364da2661108

https://bugzilla.redhat.com/show_bug.cgi?id=760387

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.