{"vulnerability": "CVE-2011-3609", "sightings": [{"uuid": "546e4b78-9e6e-4935-a9c8-4896b7316746", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2011-3609", "type": "seen", "source": "https://t.me/ctinow/194741", "content": "https://ift.tt/j5BIaYG\nCVE-2011-3609 | Red Hat JBoss Application Server up to 7.0.x cross-site request forgery (BID-50888 / OSVDB-77458)", "creation_timestamp": "2024-02-27T18:52:17.000000Z"}, {"uuid": "bec463d9-b51b-46a3-9855-d614d22ebf8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2011-3609", "type": "seen", "source": "https://t.me/cibsecurity/8322", "content": "ATENTION\u203c New - CVE-2011-3609\n\nA CSRF issue was found in JBoss Application Server 7 before 7.1.0. JBoss did not properly restrict access to the management console information (for example via the \"Access-Control-Allow-Origin\" HTTP access control flag). This can lead to unauthorized information leak if a user with admin privileges visits a specially-crafted web page provided by a remote attacker.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-11-26T08:57:28.000000Z"}]}