During the malware scan of wildfly-23.0.2.Final package, we have found PUA (Potentially Unwanted Application) in few java script files of hal console.
PUA details are mentioned below.
PUA Detected
PUA.Html.Exploit.CVE_2012_0469-1 FOUND
Infected Files
Wildfly-23.0.2.Final/modules/system/layers/base/org/jboss/as/console/main/hal-console-3.3.6.Final-resources.jar
/js/external.min.js
/js/pouchdb.js
/js/external.js
/js/pouchdb.min.js
In our application, we are not using hal-console.
Is hal-console internally used by wildfly ?
Is there any way to remove these specific java script files or hal-console from wildfly ?