Wildfly HAL Console Cross-Site Scripting Vulnerability

Vulnerability

A cross-site scripting vulnerability has been identified in the HAL Console component of Wildfly. This issue arises because the application fails to properly sanitize user input before it is displayed on web pages served to other users. To exploit this vulnerability, an attacker must be authenticated and belong to one of the following management groups: 'SuperUser', 'Admin', or 'Maintainer'.

Impact

Exploitation of this vulnerability allows for cross-site scripting, where an attacker can inject malicious scripts that are executed in the context of the user's browser.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

6.2

impact

1.7

exploitability

4.8

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.2

impact

1.7

exploitability

4.8

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Wildfly HAL Console Cross-Site Scripting Vulnerability

Vulnerability

Impact

Affected Products

Red Hat Wildfly

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating