Описание
One Click Orgs before 1.2.3 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
Уязвимые конфигурации
Конфигурация 1Версия до 1.2.2 (включая)
Одно из
cpe:2.3:a:oneclickorgs:one_click_orgs:*:*:*:*:*:*:*:*
cpe:2.3:a:oneclickorgs:one_click_orgs:1.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oneclickorgs:one_click_orgs:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:oneclickorgs:one_click_orgs:1.1.0:*:*:*:*:*:*:*
cpe:2.3:a:oneclickorgs:one_click_orgs:1.1.1:*:*:*:*:*:*:*
cpe:2.3:a:oneclickorgs:one_click_orgs:1.2.0:*:*:*:*:*:*:*
cpe:2.3:a:oneclickorgs:one_click_orgs:1.2.1:*:*:*:*:*:*:*
EPSS
Процентиль: 66%
0.00518
Низкий
7.5 High
CVSS2
Дефекты
CWE-287
Связанные уязвимости
github
больше 3 лет назад
One Click Orgs before 1.2.3 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
EPSS
Процентиль: 66%
0.00518
Низкий
7.5 High
CVSS2
Дефекты
CWE-287