CVE-2002-0487
Summary
Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript "session timeout" re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by reading the password from the source file, e.g. from the browser's cache.
- LOW
- LOCAL
- NONE
- PARTIAL
- PARTIAL
- PARTIAL
References
Advisory Timeline
- Published