2 matches found
CVE-2022-38756
Micro Focus GroupWise Web (versions prior to 18.4.2) is affected by CVE-2022-38756. The GW Web component makes a request to the Post Office Agent containing sensitive information in query parameters, which can be logged by intervening HTTP proxies. Connected sources corroborate exposure of sessio...
CVE-2018-12468
The vulnerability CVE-2018-12468 affects Micro Focus GroupWise prior to version 18.0.2, specifically the administration console. A remote attacker authenticated as an administrator can upload files to an arbitrary server path, which in certain circumstances could enable remote code execution. Doc...