Vulnerabilities (CVE)

Filtered by vendor Swift Subscribe
Filtered by product Alliance Web Platform
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-16386 1 Swift 1 Alliance Web Platform 2024-02-28 5.0 MEDIUM 7.5 HIGH
An issue was discovered in SWIFT Alliance Web Platform 7.1.23. A log injection (and an arbitrary log filename) can be achieved via the PATH_INFO to swp/login/EJBRemoteService/, related to com.swift.ejbgwt.j2ee.client.EjBlnvocationException error log information containing null@java:comp/env/ error messages.