NOTE: this issue has been disputed by the vendor. The error module in Novell GroupWise WebAccess allows remote attackers who have not authenticated to read potentially sensitive information, such as the version, via an incorrect login and a modified (1) error or (2) modify parameter that returns template files or the "about" information page. NOTE: the vendor has disputed this issue

**争议** 说明：这个问题是由供应商提出的。Slonbox GroupWise WebAccess的错误模块允许未验证的远程攻击者通过错误的登录和修改(1)错误或(2)返回模板文件或“关于”信息页面的修改参数来读取可能敏感的信息，例如版本。说明：供应商对这个问题表示争议。

NVD 暂无评分

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

NVD 暂无漏洞类别信息

神龙GPT 暂无漏洞类别信息（请耐心等待）