Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows remote attackers to obtain version numbers and internal hostnames by reading comments in the HTML source of any page.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
BEA Plumtree Foundation及AquaLogic Interaction信息泄露漏洞
Vulnerability Description
Plumtree Foundation是流行的企业门户网站解决方案,目前已被BEA收购并成为AquaLogic产品家族的一部分。 Plumtree Foundation的实现上存在多个信息泄露漏洞,远程攻击者可能利用此漏洞获取某些敏感信息有助于进一步攻击。 在每次请求的HTML页面的HTML标注底部都会显示承载BEA Plumtree服务器的内部主机名,如下所示: <!--Hostname: websvr01-->; 此外在每次请求的HTML页面的HTML标注底部都会显示具体版本和build日期: <!-
CVSS Information
N/A
Vulnerability Type
N/A