Sensitive Information Exposure in WildFly Resource Adapter Logs
CVE-2020-25640 · MEDIUM Severity
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection error, inserting sensitive information in the log file.
Learn more about our Web Application Penetration Testing UK.