CVE-2021-25958

CVE-2021-25958

In Apache Ofbiz, versions v17.12.01 to v17.12.07 implement a try catch exception to handle errors at multiple locations but leaks out sensitive table info which may aid the attacker for further recon. A user can register with a very long password, but when he tries to login with it an exception occurs.

Source: CVE-2021-25958

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다