← back
CVE-2015-1608

CVE-2015-1608

EPSS 1.3%
Topline Opportunity Form (aka XLS Opp form) before 2015-02-15 does not properly restrict access to database-connection strings, which allows attackers to read the cleartext version of sensitive credential and e-mail address information via unspecified vectors.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://www.kb.cert.org/vuls/id/669156http://www.kb.cert.org/vuls/id/BLUU-9RUTH4http://www.securityfocus.com/bid/72518