Vulnerabilities > CVE-2004-1631 - Remote Cross-Site Scripting And Connection Proxy vulnerability in OpenWFE
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Open WorkFlow Engine (OpenWFE) 1.4.x allows remote attackers to conduct port scans of remote hosts by specifying the target in an rmi:// Worklist URL, then using the response times to infer the results.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 6 |