4 matches found
Missing password strength check in notrinos/notrinos-erp
In versions of notrinos/notrinoserp prior to 0.7 new account passwords were missing a password strength check...
GHSA-QHM8-69QH-G76J Missing password strength check in notrinos/notrinos-erp
In versions of notrinos/notrinoserp prior to 0.7 new account passwords were missing a password strength check...
GHSA-44W5-Q257-8428 Exposure of password hashes in notrinos/notrinos-erp
The AP officers account is authorized to Backup and Restore the Database, Due to this he/she can download the backup and see the password hash of the System Administrator account, The weak hash MD5 of the password can be easily cracked and get the admin password...
CVE-2022-2871
Cross-site Scripting XSS - Stored in GitHub repository notrinos/notrinoserp prior to 0.7...