Vulnerabilities (CVE)

Filtered by vendor Apache Subscribe
Filtered by product Rave
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-1814 1 Apache 1 Rave 2024-11-21 4.0 MEDIUM N/A
The users/get program in the User RPC API in Apache Rave 0.11 through 0.20 allows remote authenticated users to obtain sensitive information about all user accounts via the offset parameter, as demonstrated by discovering password hashes in the password field of a response.