Description
The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information (diagnostic information) and execute arbitrary code by reusing valid credentials.
Remediation
References
Related Vulnerabilities
PHPFusion Code Execution Vulnerability (CVE-2019-12099)
WordPress Plugin Age Gate Security Bypass (2.17.0)
IBMHttpServer CVE-2012-5955 Vulnerability (CVE-2012-5955)
Atlassian Jira URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-13401)
Apache Traffic Server HTTP Request Smuggling Vulnerability (CVE-2020-17509 )