CVE-2020-27986 Information

Description

LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks DISPUTED LICENSE README.md cvefilelist cvelist nvdcve nvdpages.sh scripts test-CVE-2017-1882.markdown test-CVE-2017-18822.markdown tmpvendorlinks SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP SVN and GitLab credentials via the api/settings/values URI. NOTE: reportedly the vendor’s position for SMTP and SVN is \it is the administrator’s responsibility to configure it.\

Reference

https://csl.com.co/sonarqube-auditando-al-auditor-parte-i/