4 matches found
CVE-2022-22789
Charactell - FormStorm Enterprise Account takeover – An attacker can modify add, remove and update passwords file for all the users. The xxusers.ini file in the FormStorm folder contains usernames in cleartext and an obfuscated password. Malicious user can take over an account by replacing existi...
CVE-2022-22789
creationtimestamp| type| source ---|---|--- 2022-01-25 22:18:51+00:00| seen| https://t.me/cibsecurity/36256...
CVE-2022-22789 Charactell - FormStorm Enterprise Account Take Over
Charactell - FormStorm Enterprise Account takeover – An attacker can modify add, remove and update passwords file for all the users. The xxusers.ini file in the FormStorm folder contains usernames in cleartext and an obfuscated password. Malicious user can take over an account by replacing existi...
CVE-2022-22789
Charactell FormStorm Enterprise contains a vulnerability where an attacker can modify the passwords file (xx_users.ini) used for all users, enabling account takeover. The xx_users.ini stores usernames in cleartext and an obfuscated password, allowing a malicious user to replace an existing passwo...