CVE-2002-0487 in WorkforceROI Xpedeinfo

Summary

Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript "session timeout" re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by reading the password from the source file, e.g. from the browser s cache.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Disclosure

08/12/2002

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
18543	WorkforceROI Xpede Javascript Password information disclosure	200	Not defined	Not defined	CVE-2002-0487

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Do you know our Splunk app?

Download it now for free!