Information Disclosure

2020-04-1000:12:29

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

EPSS

0.003

Percentile

65.7%

JSON

conga is vulnerable to information disclosure. An attacker is able to retrieve passwords from the source file of the web page as the passwords are found in the Value attribute of a password entry field.

References

osvdb.org/35086

access.redhat.com/errata/RHBA-2007:0331

bugzilla.redhat.com/bugzilla/show_bug.cgi?id=228637

EPSS

0.003

Percentile

65.7%

JSON

Related for VERACODE:23016