569 matches found
CVE-2022-1021
Insecure Storage of Sensitive Information in GitHub repository chatwoot/chatwoot prior to 2.6.0...
CVE-2022-1021 Insecure Storage of Sensitive Information in chatwoot/chatwoot
Insecure Storage of Sensitive Information in GitHub repository chatwoot/chatwoot prior to 2.6.0...
CVE-2022-1021
CVE-2022-1021 affects chatwoot/chatwoot prior to 2.6.0 with insecure storage of sensitive information. The connected documents corroborate this, citing risks around exposure of sensitive data (e.g., authentication-related data) and, in some sources, a cross-site scripting vector that can enable t...
PT-2022-13596 · Chatwoot · Chatwoot
Name of the Vulnerable Software and Affected Versions: chatwoot/chatwoot versions prior to 2.6.0 Description: The issue concerns insecure storage of sensitive information in the GitHub repository chatwoot/chatwoot. Recommendations: For versions prior to 2.6.0, update to version 2.6.0 or later to...
chatwoot Cross-Site Scripting Vulnerability
chatwoot is an open source customer engagement suite, an alternative to Intercom, Zendesk, Salesforce Service Cloud and more. A cross-site scripting vulnerability exists in chatwoot versions prior to 2.6.0 that stems from insecure storage of sensitive information...
Authentication flaw
Emerson OpenBSI through 2022-04-29 mishandles credential storage. It is an engineering environment for the ControlWave and Bristol Babcock line of RTUs. This environment provides access control functionality through user authentication and privilege management. The credentials for various users a...
Emerson OpenBSI
1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Emerson Equipment: OpenBSI Vulnerabilities: Use of Broken or Risky Cryptographic Algorithm, Use of Hard-coded Cryptographic Key CISA is aware of a public report, “OT:ICEFALL,” that details...
Exploit for Use of a Broken or Risky Cryptographic Algorithm in Blink1 Blink1Control2
blink1-pass-decrypt ⭐ poc and simple script designed for rever...
Insecure Storage of Sensitive Information
Overview: mantisbt/mantisbt is a mantis bug tracker. Affected versions of this package are vulnerable to Insecure Storage of Sensitive Information via the manage_proj_edit_page.php parameter. An attacker can retrieve private project names without proper access rights by manipulating the project_id...
GHSA-QPJ5-F88Q-X7PX MantisBT Insecure Storage in manage_proj_edit_page.php
In manage_proj_edit_page.php in MantisBT before 2.24.4, any unprivileged logged-in user can retrieve Private Projects' names via the manage_proj_edit_page.php project_id parameter, without having access to them...
CVE-2022-1044
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1...
CVE-2022-1044
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1...
Design/Logic Flaw
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1...
CVE-2022-1044
The CVE-2022-1044 entry affects the open-source helpdesk/trudesk project (polonel/trudesk) prior to version 1.2.1, where profile images were stored insecurely. The root cause is insecure storage of user profile image data, which can lead to exposure of sensitive information. Multiple connected so...
CVE-2022-1044 Sensitive Data Exposure Due To Insecure Storage Of Profile Image in polonel/trudesk
Sensitive Data Exposure Due To Insecure Storage Of Profile Image in GitHub repository polonel/trudesk prior to v1.2.1...
Chris Brame Trudesk Security Vulnerability
Chris Brame Trudesk is an open source helpdesk/ticketing solution from Chris Brame (USA). A security vulnerability exists in Chris Brame Trudesk versions prior to 1.2.1, which stems from insecure storage of profile images, leading to the disclosure of sensitive data...
CVE-2022-1257
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files...
CVE-2022-1257
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files...
CVE-2022-1257
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files...
CVE-2022-1257 Improper Verification of Cryptographic Signature by McAfee Agent
Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files...