Vulnerabilities > Redhat > Jboss Operations Network
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-10-24 | CVE-2013-4373 | Improper Input Validation vulnerability in Redhat Jboss Operations Network 3.1.2 The storeFiles method in JPADriftServerBean in Red Hat JBoss Operations Network (JON) 3.1.2 allows local users to load arbitrary drift files into a server by writing the files to the temporary directory that is used to unpack zip files. | 3.2 |
| 2013-10-24 | CVE-2013-4293 | Cryptographic Issues vulnerability in Redhat Jboss Operations Network 3.1.2 The server in Red Hat JBoss Operations Network (JON) 3.1.2 logs passwords in plaintext, which allows local users to obtain sensitive information by reading the log files. | 2.1 |
| 2012-01-08 | CVE-2011-3206 | Cross-Site Scripting vulnerability in multiple products Multiple cross-site scripting (XSS) vulnerabilities in the administration interface in RHQ 4.2.0, as used in JBoss Operations Network (aka JON or JBoss ON) before 3.0, allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |