Description

AdvancedLdapLodinMogule in Red Hat JBoss Enterprise Application Platform (EAP) before 6.4.1 allows attackers to obtain sensitive information via vectors involving logging the LDAP bind credential password when TRACE logging is enabled.

Remediation

References

CVE-2015-1849

Related Vulnerabilities

Magento Improper Input Validation Vulnerability (CVE-2022-24086)

PHP Other Vulnerability (CVE-2007-1582)

Oracle JRE CVE-2019-2989 Vulnerability (CVE-2019-2989)

WordPress Plugin Tutor LMS-eLearning and online course solution Cross-Site Scripting (1.9.1)

WordPress Plugin Comment Attachment Cross-Site Scripting (1.5.5)

Severity

Medium

Classification

CVE-2015-1849 CWE-200 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities