exploitDog

CVE-2006-3398

Опубликовано: 06 июл. 2006

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The "change password forms" in Taskjitsu before 2.0.1 includes password hashes in hidden form fields, which allows remote attackers to obtain sensitive information from the (1) Category Editor and (2) User Information editor.

Ссылки

http://www.pkrinternet.com/download/RELEASE-NOTES.txt
URL Repurposed
http://www.vupen.com/english/advisories/2006/2660
https://www.pkrinternet.com/taskjitsu/task/3400
URL Repurposed
http://www.pkrinternet.com/download/RELEASE-NOTES.txt
URL Repurposed
http://www.vupen.com/english/advisories/2006/2660
https://www.pkrinternet.com/taskjitsu/task/3400
URL Repurposed

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:pkr_internet:taskjitsu:0.1:*:*:*:*:*:*:*

cpe:2.3:a:pkr_internet:taskjitsu:2.0:*:*:*:*:*:*:*

EPSS

Процентиль: 60%

0.00391

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-8vfc-hp8c-35rf

github

почти 4 года назад

The "change password forms" in Taskjitsu before 2.0.1 includes password hashes in hidden form fields, which allows remote attackers to obtain sensitive information from the (1) Category Editor and (2) User Information editor.

EPSS

Процентиль: 60%

0.00391

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other