CVE-2018-11338
CVE-2018-11338 affects Intuit Lacerte 2017 for Windows in a client/server setup where the server sends the entire customer list in cleartext over SMB after client authentication. The exposed data includes full names, SSNs, addresses, job titles, phone numbers, emails, spouse contact details, and ...