Improper Authentication

org.jenkins-ci.plugins, active-directory is vulnerable to improper authentication. The vulnerability is due to improper handling of cached successful authentications in Windows/ADSI mode, which allows an attacker to log in as any user using any password while the valid authentication session...

GHSA-42R6-P4PX-QVV6 tgstation-server cached user logins in legacy server

Please note this advisory is for a historical preexisting issue in the legacy server from 2018. It has long since been triaged. It is being moved here for visibility. The text below is copied from the original issue 690 You can login to the server with any username/password combination if someone...

tgstation-server cached user logins in legacy server

Please note this advisory is for a historical preexisting issue in the legacy server from 2018. It has long since been triaged. It is being moved here for visibility. The text below is copied from the original issue 690 You can login to the server with any username/password combination if someone...

Use of Cache Containing Sensitive Information

Overview TGServiceInterface is a production scale tool for BYOND server management. Affected versions of this package are vulnerable to Use of Cache Containing Sensitive Information due to active logins being cached, allowing subsequent logins to succeed with any username or password. Remediation...