CVE-2019-13410 TOPMeeting version before version 8.8 (2019/08/19) allows an attacker to obtain sensitive information

2019-10-1719:25:59

CWE-200

twcert

www.cve.org

AI Score

7.5

Confidence

High

EPSS

0.001

Percentile

51.2%

JSON

TOPMeeting before version 8.8 (2019/08/19) shows attendees account and password in front end page that allows an attacker to obtain sensitive information by browsing the source code of the page.

CNA Affected

[
  {
    "product": "TOPMeeting",
    "vendor": "TOPOO Technology",
    "versions": [
      {
        "status": "affected",
        "version": "before version 8.8 (2019/08/19)"
      }
    ]
  }
]

References

tvn.twcert.org.tw/taiwanvn/TVN-201907002

www.twcert.org.tw/en/cp-128-3020-27eb5-2.html