{"id":"CVE-2021-3536","details":"A flaw was found in Wildfly in versions before 23.0.2.Final while creating a new role in domain mode via the admin console, it is possible to add a payload in the name field, leading to XSS. This affects Confidentiality and Integrity.","aliases":["BIT-wildfly-2021-3536","GHSA-v2wx-jj66-2hp7"],"modified":"2026-05-15T12:03:17.046502267Z","published":"2021-05-20T13:15:07.840Z","database_specific":{"unresolved_ranges":[{"cpes":["cpe:2.3:a:redhat:data_grid:8.0:*:*:*:*:*:*:*"],"extracted_events":[{"last_affected":"8.0"}],"vendor_product":"redhat:data_grid","source":"CPE_FIELD"},{"cpes":["cpe:2.3:a:redhat:descision_manager:7.0:*:*:*:*:*:*:*"],"extracted_events":[{"last_affected":"7.0"}],"vendor_product":"redhat:descision_manager","source":"CPE_FIELD"},{"source":"CPE_FIELD","extracted_events":[{"last_affected":"7"}],"vendor_product":"redhat:jboss_a-mq","cpes":["cpe:2.3:a:redhat:jboss_a-mq:7:*:*:*:*:*:*:*"]},{"cpes":["cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.0:*:*:*:*:*:*:*"],"extracted_events":[{"last_affected":"7.0"}],"vendor_product":"redhat:jboss_enterprise_application_platform","source":"CPE_FIELD"}]},"references":[{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1948001"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N"}]}