Описание
SQL-Ledger before 2.4.4 stores a password in a query string, which might allow context-dependent attackers to obtain the password via a Referer field or browser history.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 2.4.5-1 |
| devel | released | 2.4.5-1 |
| edgy | released | 2.4.5-1 |
| feisty | released | 2.4.5-1 |
| gutsy | released | 2.4.5-1 |
| upstream | released | 2.4.4 |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 59%
0.00387
Низкий
5 Medium
CVSS2
Связанные уязвимости
nvd
почти 19 лет назад
SQL-Ledger before 2.4.4 stores a password in a query string, which might allow context-dependent attackers to obtain the password via a Referer field or browser history.
debian
почти 19 лет назад
SQL-Ledger before 2.4.4 stores a password in a query string, which mig ...
github
больше 3 лет назад
SQL-Ledger before 2.4.4 stores a password in a query string, which might allow context-dependent attackers to obtain the password via a Referer field or browser history.
EPSS
Процентиль: 59%
0.00387
Низкий
5 Medium
CVSS2