CVE-2020-24804
CVE-2020-24804 affects cms-dev/cms v1.4.rc1. The issue is in AddAdmin.py where plaintext passwords are written to audit logs, allowing an attacker to obtain sensitive information from logs. CVSSv3.1: 6.5 (MEDIUM); vector: Network, Low attack complexity, Local privileges, No user interaction, Conf...