Vulnerabilities > Redhat > Jboss Application Server > 7.0.0

DATE CVE VULNERABILITY TITLE RISK
2020-03-10 CVE-2012-1094 Information Exposure vulnerability in Redhat Jboss Application Server
JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed.
network
low complexity
redhat CWE-200
7.5
7.5
2019-11-26 CVE-2011-3609 Cross-Site Request Forgery (CSRF) vulnerability in Redhat Jboss Application Server 7.0.0/7.0.1/7.0.2
A CSRF issue was found in JBoss Application Server 7 before 7.1.0.
network
low complexity
redhat CWE-352
6.5
6.5
2019-11-26 CVE-2011-3606 Cross-site Scripting vulnerability in Redhat Jboss Application Server 7.0.0/7.0.1/7.0.2
A DOM based cross-site scripting flaw was found in the JBoss Application Server 7 before 7.1.0 Beta 1 administration console.
network
low complexity
redhat CWE-79
5.4
5.4