Description
Oracle 9i Application Server (9iAS) installs multiple sample pages that allow remote attackers to obtain environment variables and other sensitive information via (1) info.jsp, (2) printenv, (3) echo, or (4) echo2.
Remediation
References
Related Vulnerabilities
Magento CVE-2020-9579 Vulnerability (CVE-2020-9579)
WordPress Plugin Stock in & out Cross-Site Scripting (1.0.4)
Apache Tomcat URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2023-41080)
Squid Missing Release of Memory after Effective Lifetime Vulnerability (CVE-2021-28652)
WordPress Plugin Jetpack-WP Security, Backup, Speed, & Growth Information Disclosure (9.7.1)