CVE-2011-1498
CVE-2011-1498 : Apache HttpClient (HttpComponents) 4.x release before 4.1.1 is vulnerable when used with an authenticating proxy; the Proxy-Authorization header is sent to the origin server, potentially logging sensitive credentials and exposing passwords. The description does not specify affecte...