User's credentials are incorrectly requested under some conditions.
vulners.com/securityvulns/securityvulns:doc:29444