In JON 2.1.x before 2.1.2 SP1, users can obtain unauthorized security information about private resources managed by JBoss ON.Referenceshttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2008-5083https://access.redhat.com/security/cve/cve-2008-5083
