CVE-2022-38756
- Reference to the description:
- Description:
- A vulnerability has been identified in Micro Focus GroupWise Web in versions prior to 18.4.2. The GW Web component makes a request to the Post Office Agent that contains sensitive information in the query parameters that could be logged by any intervening HTTP proxies.
- Last updated date:
- 03/01/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 03/01/2023
- Reference url to background
http://packetstormsecurity.com/files/170768/Micro-Focus-GroupWise-Session-ID-Disclosure.html