Clear-text Password Exposure in Crystal Reports HTML Pages

Clear-text Password Exposure in Crystal Reports HTML Pages

CVE-2001-1464 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Crystal Reports, when displaying data for a password protected database using HTML pages, embeds the username and password in cleartext in the HTML page and the URL, which allows remote attackers to obtain passwords.

Learn more about our User Device Pen Test.