Описание
An information exposure vulnerability has been found, the exploitation of which could allow a remote user to retrieve sensitive information stored on the server such as credential files, configuration files, application files, etc., simply by appending any of the following parameters to the end of the URL: %00 %0a, %20, %2a, %a0, %aa, %c0 and %ca.
Уязвимые конфигурации
Одновременно
EPSS
7.5 High
CVSS3
6.5 Medium
CVSS3
Дефекты
Связанные уязвимости
An information exposure vulnerability has been found, the exploitation of which could allow a remote user to retrieve sensitive information stored on the server such as credential files, configuration files, application files, etc., simply by appending any of the following parameters to the end of the URL: %00 %0a, %20, %2a, %a0, %aa, %c0 and %ca.
EPSS
7.5 High
CVSS3
6.5 Medium
CVSS3