← back
CVE-2002-0487

CVE-2002-0487

EPSS 0.4%
Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript "session timeout" re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by reading the password from the source file, e.g. from the browser's cache.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://www.iss.net/security_center/static/8612.phphttp://www.securityfocus.com/archive/1/263485http://www.securityfocus.com/bid/4346