3856 matches found
Generation of Error Message Containing Sensitive Information in microweber
Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11...
GHSA-HHRJ-WP42-32V3 Generation of Error Message Containing Sensitive Information in microweber
Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11...
CVE-2022-0660 Generation of Error Message Containing Sensitive Information in microweber/microweber
Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11...
CVE-2022-0660
Microweber before 1.2.11 is affected by an information-disclosure vulnerability in microweber/microweber. An error message generated when viewing load_module:comments#search exposes sensitive information, potentially enabling an attacker to obtain sensitive data and, per the nuclei template, poss...
GHSA-PWWM-PWX2-2HW7 Generation of Error Message Containing Sensitive Information in Snipe-IT
Snipe-IT prior to version 5.3.11 is vulnerable to Generation of Error Message Containing Sensitive Information...
Generation of Error Message Containing Sensitive Information in Snipe-IT
Snipe-IT prior to version 5.3.11 is vulnerable to Generation of Error Message Containing Sensitive Information...
CVE-2022-0622
Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11...
CVE-2022-0622
Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11...
Information disclosure
Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11...
CVE-2022-0622 Generation of Error Message Containing Sensitive Information in snipe/snipe-it
Generation of Error Message Containing Sensitive Information in Packagist snipe/snipe-it prior to 5.3.11...
CVE-2022-0622
Affected software: snipe-it (Packagist package snipe/snipe-it). Vulnerability: Generation of an error message containing sensitive information in Snipe-IT prior to version 5.3.11, leading to information exposure. Root cause/impact: The error handling path in the application reveals sensitive data...
Expression Language Injection in Netflix Conductor
Netflix Conductor uses Java Bean Validation JSR 380 custom constraint validators. When building custom constraint violation error messages, different types of interpolation are supported, including Java EL expressions. If an attacker can inject arbitrary data in the error message template being...
Information Disclosure
microweber is vulnerable to information disclosure. The vulnerability exists due to the lack of sanitization of the error message via the json.data...
Generation of Error Message Containing Sensitive Information in microweber
microweber version 1.2.10 and prior may generate an error message containing sensitive information...
GHSA-XXQ4-3742-3H28 Generation of Error Message Containing Sensitive Information in microweber
microweber version 1.2.10 and prior may generate an error message containing sensitive information...
CVE-2022-0504
Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11...
CVE-2022-0504
Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11...
Information disclosure
Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11...
CVE-2022-0504 Generation of Error Message Containing Sensitive Information in microweber/microweber
Generation of Error Message Containing Sensitive Information in Packagist microweber/microweber prior to 1.2.11...
CVE-2022-0504
CVE-2022-0504 affects microweber/microweber prior to 1.2.11. The issue is the generation of error messages that may contain sensitive information, leading to potential information disclosure. CVSS data in the records indicates confidentiality impact as HIGH (network exploitability, low complexity...