2 matches found
GHSA-57Q2-6CP4-9MQ3 XWiki exposes passwords and emails stored in fields not named password/email in xml.vm
Impact The XML export of a page in XWiki that can be triggered by any user with view rights on a page by appending ?xpage=xml to the URL includes password and email properties stored on a document that aren't named password or email. This allows any user to obtain the salted and hashed user accou...
HP AdvanceStack Switch - Authentication Bypass
HP AdvanceStack Switch - Authentication Bypass source: https://www.securityfocus.com/bid/4062/info HP AdvanceStack 10Base-T Switching Hubs combine 10Base-T functionality with the performance of switching. It has been reported that authentication for HP J3210A 10Base-T Switching Hubs may be bypass...