Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The default configuration of the deployment descriptor (aka web.xml) in picketlink-sts.war in (1) the security_saml quickstart, (2) the webservice_proxy_security quickstart, (3) the web-console application, (4) the http-invoker application, (5) the gpd-deployer application, (6) the jbpm-console application, (7) the contract application, and (8) the uddi-console application in JBoss Enterprise SOA Platform before 5.0.2 contains GET and POST http-method elements, which allows remote attackers to bypass intended access restrictions via a crafted HTTP request.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Red Hat JBoss Enterprise SOA Platform配置错误漏洞
Vulnerability Description
JBoss Enterprise SOA Platform 5.0.2之前的版本中的(1)security_saml快启动,(2)webservice_proxy_security快启动,(3)web-console 应用程序,(4)http-invoker应用程序,(5) gpd-deployer应用程序,(6)jbpm-console应用程序,(7)contract 应用程序,和(8)uddi-console应用程序中的picketlink-sts.war的部署描述的默认配置(又名web.xml)包含
CVSS Information
N/A
Vulnerability Type
N/A