Description
IBM Security Access Manager for Web stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referer header or browser history.
Remediation
References
Related Vulnerabilities
Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-1042)
WordPress Plugin Delete All Comments Arbitrary File Upload (2.0)
Jenkins Use of Insufficiently Random Values Vulnerability (CVE-2020-2099)
Apache HTTP Server Other Vulnerability (CVE-2003-0189)
WordPress Plugin WPshop-eCommerce Arbitrary File Upload (1.3.9.5)