CVE-2017-14941
CVE-2017-14941 affects JasperReports 4.7. The vulnerability stems from passwords stored in clear text for Data Source Connectors, enabling a remote, authenticated user to view stored Data Source passwords by accessing flow.html during an Edit operation for a Data Source. The attack relies on acce...