CVE-2024-10234

Wildfly: wildfly vulnerable to cross-site scripting (xss)

Description

A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw allows an attacker or insider to execute a deployment with a malicious payload, which could trigger undesired behavior against the server.

INFO

Published Date :

2024-10-22T13:17:57.891Z

Last Modified :

2025-11-11T16:05:02.693Z

Source :

redhat

AFFECTED PRODUCTS

The following products are affected by CVE-2024-10234 vulnerability.

Vendors	Products
Redhat	Build Keycloak Build Of Keycloak Jboss Data Grid Jboss Enterprise Application Platform Jboss Fuse Jbosseapxp Red Hat Single Sign On Rhosemc

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-10234.

URL	Resource
https://access.redhat.com/errata/RHSA-2025:10924
https://access.redhat.com/errata/RHSA-2025:10925
https://access.redhat.com/errata/RHSA-2025:10926
https://access.redhat.com/errata/RHSA-2025:10931
https://access.redhat.com/errata/RHSA-2025:11636
https://access.redhat.com/errata/RHSA-2025:11638
https://access.redhat.com/errata/RHSA-2025:11639
https://access.redhat.com/errata/RHSA-2025:11640
https://access.redhat.com/errata/RHSA-2025:11645
https://access.redhat.com/errata/RHSA-2025:2025
https://access.redhat.com/errata/RHSA-2025:2026
https://access.redhat.com/errata/RHSA-2025:2029
https://access.redhat.com/security/cve/CVE-2024-10234
https://bugzilla.redhat.com/show_bug.cgi?id=2320848
https://nvd.nist.gov/vuln/detail/CVE-2024-10234
https://www.cve.org/CVERecord?id=CVE-2024-10234

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact