Medium severity 4.8 · OSV Advisory · Published May 20, 2021 · Updated Jun 17, 2026
CVE-2021-3536
Description
A flaw was found in Wildfly in versions before 23.0.2.Final. While creating a new role in domain mode via the admin console, it is possible to add a payload in the name field, leading to XSS. This affects Confidentiality and Integrity.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| org.wildfly:wildfly-parent (Maven) | < 23.0.2.Final | 23.0.2.Final |
Affected products
- osv-coords, 2 versions: < 23.0.2 (+ 1 more)
- (no CPE) range: < 23.0.2
- (no CPE) range: < 23.0.2.Final
References
- bugzilla.redhat.com/show_bug.cgi (nvd: Issue Tracking, Vendor Advisory; WEB)
- github.com/advisories/GHSA-v2wx-jj66-2hp7 (ghsa: ADVISORY)
- nvd.nist.gov/vuln/detail/CVE-2021-3536 (ghsa: ADVISORY)