CVE-2012-1094 (jboss_application_server)

JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed.

View Full Alert

Leave a Reply