102 matches found
security flaw
The luci server component in conga preserves the password between page loads for the Add System/Cluster task flow by storing the password in the Value attribute of a password entry field, which allows attackers to steal the password by performing a "view source" or other operation to obtain the w...
Low: Red Hat Bug Fix Advisory: conga bug fix update
Updated conga packages that provide critical bug fixes are now available. The Conga package is a web-based administration tool for remote cluster and storage management. This erratum applies the following bug fixes: - The borrowed Zope packages used by Conga have been patched to eliminate a...