Описание
The Add Member dialog in the Security admin page in SilverStripe 2.4.0 saves user passwords in plaintext, which allows local users to obtain sensitive information by reading a database.
The Add Member dialog in the Security admin page in SilverStripe 2.4.0 saves user passwords in plaintext, which allows local users to obtain sensitive information by reading a database.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2010-5092
- http://doc.silverstripe.org/sapphire/en/trunk/changelogs//2.4.1
- http://open.silverstripe.org/changeset/107532
- http://open.silverstripe.org/ticket/5772
- http://www.openwall.com/lists/oss-security/2012/04/30/1
- http://www.openwall.com/lists/oss-security/2012/04/30/3
- http://www.openwall.com/lists/oss-security/2012/05/01/3
EPSS
Процентиль: 20%
0.00064
Низкий
CVE ID
Связанные уязвимости
nvd
больше 13 лет назад
The Add Member dialog in the Security admin page in SilverStripe 2.4.0 saves user passwords in plaintext, which allows local users to obtain sensitive information by reading a database.
debian
больше 13 лет назад
The Add Member dialog in the Security admin page in SilverStripe 2.4.0 ...
EPSS
Процентиль: 20%
0.00064
Низкий