Fedora Account System
Red Hat Associate
Red Hat Customer
A flaw was found in Jastow. Jastow is vulnerable to Cross-Site Scripting (XSS) attack. If using a set of combined configuration to allow unescaped characters in URL with embedded Undertow and Jastow, a server might be vulnerable to improper input handling.
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 8.1 Via RHSA-2026:36345 https://access.redhat.com/errata/RHSA-2026:36345
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 8 Via RHSA-2026:36342 https://access.redhat.com/errata/RHSA-2026:36342
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 9 Via RHSA-2026:36343 https://access.redhat.com/errata/RHSA-2026:36343
This issue has been addressed in the following products: Red Hat JBoss Enterprise Application Platform 8.1 for RHEL 10 Via RHSA-2026:36344 https://access.redhat.com/errata/RHSA-2026:36344