Описание
MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user's settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source.
Ссылки
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:mailenable:mailenable_professional:1.7:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.71:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.72:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.73:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.74:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.75:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.76:*:*:*:*:*:*:*
cpe:2.3:a:mailenable:mailenable_professional:1.77:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00151
Низкий
4 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user's settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source.
EPSS
Процентиль: 36%
0.00151
Низкий
4 Medium
CVSS2
Дефекты
NVD-CWE-Other