Описание
HCL AION is affected by an Autocomplete HTML Attribute Not Disabled for Password Field vulnerability. This can allow autocomplete on password fields may lead to unintended storage or disclosure of sensitive credentials, potentially increasing the risk of unauthorized access. This issue affects AION: 2.0.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:hcltech:aion:2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 15%
0.00047
Низкий
3.7 Low
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-522
Связанные уязвимости
CVSS3: 3.7
github
2 месяца назад
HCL AION is affected by an Autocomplete HTML Attribute Not Disabled for Password Field vulnerability. This can allow autocomplete on password fields may lead to unintended storage or disclosure of sensitive credentials, potentially increasing the risk of unauthorized access. This issue affects AION: 2.0.
EPSS
Процентиль: 15%
0.00047
Низкий
3.7 Low
CVSS3
6.5 Medium
CVSS3
Дефекты
CWE-522