Description
A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user's credentials from the log files.
Remediation
References
Related Vulnerabilities
OpenSSL Double Free Vulnerability (CVE-2022-4450)
WordPress Plugin Tidio Gallery Multiple Vulnerabilities (1.1)
Liferay DXP Observable Discrepancy Vulnerability (CVE-2024-25146)
DWR Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-5325)
WordPress Plugin Lazyest Gallery 'image' Parameter Cross-Site Scripting (1.0.28)