CVE-2022-22789

Charactell - FormStorm Enterprise Account takeover – An attacker can modify add, remove and update passwords file for all the users. The xxusers.ini file in the FormStorm folder contains usernames in cleartext and an obfuscated password. Malicious user can take over an account by replacing existi...

CVE-2022-22789

Charactell - FormStorm Enterprise Account takeover – An attacker can modify add, remove and update passwords file for all the users. The xxusers.ini file in the FormStorm folder contains usernames in cleartext and an obfuscated password. Malicious user can take over an account by replacing existi...

Design/Logic Flaw

Charactell - FormStorm Enterprise Account takeover – An attacker can modify add, remove and update passwords file for all the users. The xxusers.ini file in the FormStorm folder contains usernames in cleartext and an obfuscated password. Malicious user can take over an account by replacing existi...

CVE-2022-22789

Charactell FormStorm Enterprise contains a vulnerability where an attacker can modify the passwords file (xx_users.ini) used for all users, enabling account takeover. The xx_users.ini stores usernames in cleartext and an obfuscated password, allowing a malicious user to replace an existing passwo...

CVE-2022-22789 Charactell - FormStorm Enterprise Account Take Over

Charactell - FormStorm Enterprise Account takeover – An attacker can modify add, remove and update passwords file for all the users. The xxusers.ini file in the FormStorm folder contains usernames in cleartext and an obfuscated password. Malicious user can take over an account by replacing existi...

Charactell FormStorm 安全漏洞

Charactell FormStorm is a state-of-the-art form processing software from Charactell USA. A security vulnerability exists in Charactell FormStorm Enterprise, which can be exploited by an attacker to modify add, delete, and update all users' password files and take over accounts...