Description
A flaw was found in Infinispan CLI. A sensitive password, decoded from a Base64-encoded Kubernetes secret, is processed in plaintext and included in a command string that may expose the data in an error message when a command is not found.
Remediation
References
Related Vulnerabilities
YetiForce CRM Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-4092)
WordPress Plugin Rate my Post-WP Rating System Cross-Site Scripting (3.3.8)
phpMyAdmin Improper Input Validation Vulnerability (CVE-2009-1149)
Django Improper Input Validation Vulnerability (CVE-2012-3443)
TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2009-3631)