Lucene search
Apache Jackrabbit Oak Security Vulnerabilities
cve
The optional initial password change and password expiration features present in Apache Jackrabbit Oak 1.2.0 to 1.22.0 are prone to a sensitive information disclosure vulnerability. The code mandates the changed password to be passed as an additional attribute to the credentials object but does...
7.5CVSS
7.5AI Score
0.006EPSS
2020-01-28 05:15 PM
71