CVE-2021-37935

CVE-2021-37935

An information disclosure vulnerability in the login page of Huntflow Enterprise before 3.10.4 could allow an unauthenticated, remote user to get information about the domain name of the configured LDAP server. An attacker could exploit this vulnerability by requesting the login page and searching for the "isLdap" JavaScript parameter in the HTML source code.

Source: CVE-2021-37935

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다