CVE-2007-1157

JBoss - Cross-Site Request Forgery via jmx-console/HtmlAdaptor

Title source: llm
STIX 2.1

Description

Cross-site request forgery (CSRF) vulnerability in jmx-console/HtmlAdaptor in JBoss allows remote attackers to perform privileged actions as administrators via certain MBean operations, a different vulnerability than CVE-2006-3733.

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/32673
Vendor Advisory mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/461004/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/33142
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/460934/100/0/threaded

Scores

EPSS 0.0091
EPSS Percentile 55.7%

Details

CWE
CWE-352
Status published
Products (1)
jboss/jboss
Published Mar 02, 2007
Tracked Since Feb 18, 2026