Home / exploits Jedox 2020.2.5 Database Credential Disclosure
Posted on 05 May 2023
Jedox version 2020.2.5 suffers from having improper access controls in /tc/rpc that allows remote authenticated users to view details of database connections via the class com.jedox.etl.mngr.Connections and the method getGlobalConnection.