Query hashed password via QueryBuilder Servlet

Published on
10 Jan 2022
Vulnerability

Description

  • QueryBuilder is a User Interface component to create queries and filters.
  • Misconfigured AEM applications can cause many critical vulnerabilities. It is possible to fetch Query hashed password via QueryBuilder Servlet

Recommendation

  • Access restriction should be applied.
Experience the Beagle Security platform
Unlock one full penetration test and all Advanced plan features free for 10 days