CVE-2023-48122: Microweber allows a remote attacker to obtain sensitive information via the HTTP GET method

December 8, 2023

An issue in microweber v.2.0.1 and fixed in v.2.0.4 allows a remote attacker to obtain sensitive information via the HTTP GET method.

References

gist.github.com/grozdniyandy/1847ad48126d6bba39bdeb49114bc300
github.com/advisories/GHSA-p8q6-qrgj-7gx2
github.com/microweber/microweber/issues/1042
nvd.nist.gov/vuln/detail/CVE-2023-48122

Code Behaviors & Features

Detect and mitigate CVE-2023-48122 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →