CVE-2007-1157
JBoss - Cross-Site Request Forgery via jmx-console/HtmlAdaptor
Title source: llmDescription
Cross-site request forgery (CSRF) vulnerability in jmx-console/HtmlAdaptor in JBoss allows remote attackers to perform privileged actions as administrators via certain MBean operations, a different vulnerability than CVE-2006-3733.
References (4)
Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/32673
Vendor Advisory mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/461004/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/33142
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/460934/100/0/threaded
Scores
EPSS
0.0091
EPSS Percentile
55.7%
Details
CWE
CWE-352
Status
published
Products (1)
jboss/jboss
Published
Mar 02, 2007
Tracked Since
Feb 18, 2026