Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript "session timeout" re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by reading the password from the source file, e.g. from the browser's cache.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2002-06-11T04:00:00

Updated: 2024-08-08T02:49:28.895Z

Reserved: 2002-06-07T00:00:00

Link: CVE-2002-0487

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2002-08-12T04:00:00.000

Modified: 2024-11-20T23:39:12.470

Link: CVE-2002-0487

cve-icon Redhat

No data.