CVE-2005-3429
Rockliffe MailSite Express before 6.1.22 stores user passwords in plaintext in cookies when the “save login information” option is enabled. This enables local users to read cookies to obtain passwords and allows remote attackers to steal cookies via cross-site scripting (XSS) vulnerabilities. Aff...