Home / os / win2k

Jedox 2022.4.2 Database Credential Disclosure

Posted on 05 May 2023

Jedox version 2022.4.2 has an information disclosure vulnerability in /be/rpc.php that allows remote authenticated users with the appropriate permissions to modify database connections to disclose the clear text credentials via the test connection function.

 

TOP