Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump, as exploited in the wild in May 2025.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
将CoreDump文件暴露给非授权控制范围
Vulnerability Title
TeleMessage 安全漏洞
Vulnerability Description
TeleMessage是以色列TeleMessage公司的一个为企业提供安全合规的消息传递解决方案。 TeleMessage 2025-05-05及之前版本存在安全漏洞,该漏洞源于JSP应用程序的堆内容包含通过HTTP发送的密码。
CVSS Information
N/A
Vulnerability Type
N/A