Insecure Storage of Administrator Password in Plaintext Cookie

Insecure Storage of Administrator Password in Plaintext Cookie

CVE-2003-1454 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access.

Learn more about our Web Application Penetration Testing UK.