Cleartext Storage of Passwords in Cookies Vulnerability in Dialogic PowerMedia XMS
CVE-2018-11639 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:N/A:N
Plaintext Storage of Passwords within Cookies in /var/www/xms/application/controllers/verifyLogin.php in the administrative console in Dialogic PowerMedia XMS before 3.5 SU2 allows remote attackers to access a user's password in cleartext.
Learn more about our User Device Pen Test.