Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to copy and paste aspx pages in the end of the URL application that connect into the database which reveals internal and sensitive information without logging into the web application.
References
Link | Resource |
---|---|
https://github.com/ifmacedo/mconnect/blob/main/sensitiveDataExposure | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2021-07-20T19:29:07
Updated: 2021-07-20T19:29:07
Reserved: 2020-08-13T00:00:00
Link: CVE-2020-23284
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-07-20T20:15:07.543
Modified: 2021-07-31T00:53:49.467
Link: CVE-2020-23284
JSON object: View
Redhat Information
No data.
CWE