Sonarqube Values information Leakage Vulnerability Cve 2020 27986
Sonarqube Values information Leakage Vulnerability Cve 2020 27986
SonarQube values Information leakage vulnerability CVE-2020-27986
Vulnerability Description
SonarQube has information leakage vulnerabilities in a certain interface, which can obtain some sensitive information.
Vulnerability Impact
SonarQube
Network surveying and mapping
Vulnerability reappears
The homepage is as follows
Vulnerable POC
https://xxx.xxx.xxx.xxx/api/settings/values
What can be leaked are: plaintext SMTP, SVN and Gitlab and other sensitive information
This post is licensed under CC BY 4.0 by the author.