CVE-2017-14943

Trapeze TransitMaster is vulnerable to information disclosure emails / hashed passwords via a modified userID field in JSON data to ManageSubscriber.aspx/GetSubscriber. NOTE: this software is independently deployed at multiple municipal transit systems; it is not found exclusively on the...

Information disclosure

Trapeze TransitMaster is vulnerable to information disclosure emails / hashed passwords via a modified userID field in JSON data to ManageSubscriber.aspx/GetSubscriber. NOTE: this software is independently deployed at multiple municipal transit systems; it is not found exclusively on the...

CVE-2017-14943

Trapeze TransitMaster is vulnerable to information disclosure emails / hashed passwords via a modified userID field in JSON data to ManageSubscriber.aspx/GetSubscriber. NOTE: this software is independently deployed at multiple municipal transit systems; it is not found exclusively on the...

CVE-2017-14943

CVE-2017-14943 affects Trapeze TransitMaster. The vulnerability permits information disclosure (emails and hashed passwords) through a modified userID field in JSON data sent to ManageSubscriber.aspx/GetSubscriber. The available sources describe the impact but do not specify affected versions, ex...