PT-2003-2081 · Whale Communications · E-Gap
Published: 2003-12-31 · Updated: 2017-07-11 · CVE-2003-1127
CVSS v2.0: 5.0 (Medium)
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Whale Communications e-Gap version 2.5
Description
The issue allows remote attackers to obtain the source code for the login page via the HTTP TRACE method, which bypasses the preprocessor. This can be exploited by sending a request to the vulnerable API endpoint, such as "/login", using the HTTP TRACE method.
Recommendations
For Whale Communications e-Gap version 2.5, consider disabling the HTTP TRACE method to prevent exploitation until a patch is available. Restrict access to sensitive pages, such as the login page, to minimize the risk of source code disclosure.
Affected Products
E-Gap