Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in SWIFT Alliance Web Platform 7.1.23. A log injection (and an arbitrary log filename) can be achieved via the PATH_INFO to swp/login/EJBRemoteService/, related to com.swift.ejbgwt.j2ee.client.EjBlnvocationException error log information containing null@java:comp/env/ error messages.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SWIFT Alliance Web Platform 注入漏洞
Vulnerability Description
SWIFT Alliance Web Platform是比利时SWIFT公司的一套用于SWIFT Alliance系列产品的图形用户界面软件。 SWIFT Alliance Web Platform 7.1.23版本中存在安全漏洞。攻击者可利用该漏洞篡改日志文件的名称和错误日志信息。
CVSS Information
N/A
Vulnerability Type
N/A