AI Score
Confidence
High
EPSS
Percentile
68.9%
SMTP clients using net/smtp can use the PLAIN authentication scheme on network connections not secured with TLS, exposing passwords to man-in-the-middle SMTP servers.
go.dev/cl/68170
go.dev/issue/22134
go.googlesource.com/go/+/ec3b6131de8f9c9c25283260c95c616c74f6d790
groups.google.com/g/golang-dev/c/RinSE3EiJBI/m/kYL7zb07AgAJ