CVE-2016-0956 Vulnerability in maven package org.apache.sling:org.apache.sling.servlets.post

Description

The Servlets Post component 2.3.6 in Apache Sling, as used in Adobe Experience Manager 5.6.1, 6.0.0, and 6.1.0, allows remote attackers to obtain sensitive information via unspecified vectors.

Remediation

References

http://packetstormsecurity.com/files/135720/Apache-Sling-Framework-2.3.6-Information-Disclosure.html

http://seclists.org/fulldisclosure/2016/Feb/48

http://www.securityfocus.com/archive/1/537498/100/0/threaded

https://helpx.adobe.com/security/products/experience-manager/apsb16-05.html

https://www.exploit-db.com/exploits/39435/

Related Vulnerabilities

CVE-2019-10792 Vulnerability in npm package bodymen

CVE-2019-13127 Vulnerability in npm package mxgraph

CVE-2018-1002201 Vulnerability in maven package org.zeroturnaround:zt-zip

CVE-2023-29471 Vulnerability in maven package com.typesafe.akka:akka-stream-kafka

CVE-2020-36632 Vulnerability in maven package org.webjars.npm:flat

Severity

High

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N