3 matches found
Information disclosure
The Add Member dialog in the Security admin page in SilverStripe 2.4.0 saves user passwords in plaintext, which allows local users to obtain sensitive information by reading a database...
CVE-2010-5092
The Add Member dialog in the Security admin page in SilverStripe 2.4.0 saves user passwords in plaintext, which allows local users to obtain sensitive information by reading a database...
CVE-2010-5092
The CVE-2010-5092 issue affects SilverStripe 2.4.0 where the Add Member dialog stores passwords in plain text, enabling local information disclosure by reading the database. Root cause: plaintext password storage. Remediation: upgrade to a fixed release (e.g., SilverStripe 2.4.1) as indicated by ...