The register_user function in client/new_account_form.php in Domain Technologie Control (DTC) before 0.32.9 includes a cleartext password in an e-mail message, which makes it easier for remote attackers to obtain sensitive information by sniffing the network.
References
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 02:06
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2011-03-07 21:00
Updated : 2024-02-28 11:41
NVD link : CVE-2011-0436
Mitre link : CVE-2011-0436
CVE.ORG link : CVE-2011-0436
JSON object : View
Products Affected
gplhost
- domain_technologie_control
CWE
CWE-310
Cryptographic Issues