Description
A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for io.undertow.request.security. If enabled, an attacker could abuse this flaw to obtain the user's credentials from the log files.
Remediation
References
Related Vulnerabilities
WordPress Plugin Alert Before Your Post Cross-Site Scripting (0.1.1)
WordPress Plugin Custom Dashboard & Login Page-AGCA Multiple Unspecified Vulnerabilities (1.5.4.2)
WordPress Improper Input Validation Vulnerability (CVE-2017-6815)
WordPress Plugin Leaflet Maps Marker Pro Multiple Vulnerabilities (1.5.7)