System->Maintenance-> Log... CVE-2024-3165

- AV AC AU C I A
发布: 2024-04-01
修订: 2024-09-30

System->Maintenance-> Log Files in dotCMS dashboard is providing the username/password for database connections in the log output. Nevertheless, this is a moderate issue as it requires a backend admin as well as that dbs are locked down by environment. OWASP Top 10 - A05) Insecure Design OWASP Top 10 - A05) Security Misconfiguration OWASP Top 10 - A09) Security Logging and Monitoring Failure

0%
暂无可用Exp或PoC
当前有0条受影响产品信息