3 matches found
CVE-2024-47529
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. OpenC3 COSMOS stores the password of a user unencrypted in the LocalStorage of a web browser. This makes the user password susceptible to exfiltration via Cross-site scripting s...
CVE-2024-47529
Summary: OpenC3 COSMOS stores a user password in unencrypted form in the browser’s LocalStorage, creating a risk of password exfiltration via cross-site scripting (XSS). The issue is documented as affecting the Open Source edition and is fixed in version 5.19.0 (Open Source edition). What’s affec...
CVE-2024-47529 OpenC3 COSMOS uses clear text storage of password/token (`GHSL-2024-129`)
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. OpenC3 COSMOS stores the password of a user unencrypted in the LocalStorage of a web browser. This makes the user password susceptible to exfiltration via Cross-site scripting s...