Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The action xmlexport accepts the parameter requestContext. If this parameter is present, the response includes most of the HTTP headers sent to the server and some of the CGI variables like remote_adde and server_name, which is an information disclosure.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenText Content Suite Platform 安全漏洞
Vulnerability Description
OpenText Content Suite Platform是OpenText公司的一个顶级的企业内容管理(ECM)系统。可以管理整个企业的信息生命周期,从捕获到存档和处置。 OpenText Content Suite Platform 22.1 版本存在安全漏洞,该漏洞源于动作 xmlexport 接受参数 requestContext。 如果存在此参数,则响应包括发送到服务器的大部分 HTTP 标头和一些 CGI 变量,如 remote_adde 和 server_name,这是一个信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A