Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:CVE-2020-26288
HistoryDec 30, 2020 - 8:15 p.m.

CVE-2020-26288

2020-12-3020:15:15
Google
osv.dev
5
parse server
ldap authentication
cleartext password

AI Score

7

Confidence

Low

EPSS

0.001

Percentile

39.6%

JSON

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. It is an npm package “parse-server”. In Parse Server before version 4.5.0, user passwords involved in LDAP authentication are stored in cleartext. This is fixed in version 4.5.0 by stripping password after authentication to prevent cleartext password storage.

Related

github 1
cvelist 1
prion 1
nodejs 1
veracode 1
nvd 1
osv 2
cve 1
github
github
Parse Server stores password in plain text
2020-12-28 16:33:17
cvelist
cvelist
CVE-2020-26288 Parse Server stores password in plain text
2020-12-30 19:25:17
prion
prion
Authentication flaw
2020-12-30 20:15:00
nodejs
nodejs
Password stored in plain text
2020-12-30 19:29:10
veracode
veracode
Information Disclosure
2020-12-29 09:11:57
nvd
nvd
CVE-2020-26288
2020-12-30 20:15:15
osv
osv
BIT-parse-2020-26288
2024-03-06 11:04:12
Parse Server stores password in plain text
2020-12-28 16:33:17
cve
cve
CVE-2020-26288
2020-12-30 20:15:15

AI Score

7

Confidence

Low

EPSS

0.001

Percentile

39.6%

JSON
Related for OSV:CVE-2020-26288
github1cvelist1prion1nodejs1veracode1nvd1osv2cve1