Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
TWiki 4.0.5 and earlier, when running under Apache 1.3 using ApacheLogin with sessions and "ErrorDocument 401" redirects to a valid wiki topic, does not properly handle failed login attempts, which allows remote attackers to read arbitrary content by cancelling out of a failed authentication with a valid username and invalid password.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Twiki ApacheLogin Apache失败登录信息泄露漏洞
Vulnerability Description
TWiki 当运行在使用带有会话的ApacheLogin的Apache 1.3下且"ErrorDocument 401"会重定向到一个有效wiki主题时,未正确处理失败的登录尝试,远程攻击者可以通过取消一个带有效用户名和无效密码的失败认证来读到任意内容。
CVSS Information
N/A
Vulnerability Type
N/A