← Back

Jboss Data Virtualization & Services

jboss_data_virtualization_&_services

Vendor: Redhat • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2017-2658
1Redhat
2Jboss Bpm Suite
Jboss Data Virtualization & Services
Nov 21, 2024
Jul 27, 2018
N/A· v4
6.5 MEDIUM· v3
4.3 MEDIUM· v2
It was discovered that the Dashbuilder login page as used in Red Hat JBoss BPM Suite before 6.4.2 and Red Hat JBoss Data Virtualization & Services before 6.4.3 could be opened in an IFRAME, which made it possible to inte...Show more
It was discovered that the Dashbuilder login page as used in Red Hat JBoss BPM Suite before 6.4.2 and Red Hat JBoss Data Virtualization & Services before 6.4.3 could be opened in an IFRAME, which made it possible to intercept and manipulate requests. An attacker could use this flaw to trick a user into performing arbitrary actions in the Console (clickjacking).Show less