Jedox 2022.4.2 Database Credential Disclosure
Posted on 05 May 2023
Jedox version 2022.4.2 has an information disclosure vulnerability in /be/rpc.php that allows remote authenticated users with the appropriate permissions to modify database connections to disclose the clear text credentials via the test connection function.