CVE-2019-6242
Kentico CMS v10.0.42 exposes the cleartext SMTP password on the SMTP configuration page. The issue allows Global Administrators to read the stored SMTP credentials (root cause is access to configuration data containing credentials). Impact is exposure of sensitive SMTP credentials to high-privile...