Exposure of Attendees' Account and Password in TOPMeeting (before version 8.8)

Exposure of Attendees' Account and Password in TOPMeeting (before version 8.8)

CVE-2019-13410 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

TOPMeeting before version 8.8 (2019/08/19) shows attendees account and password in front end page that allows an attacker to obtain sensitive information by browsing the source code of the page.

Learn more about our Web Application Penetration Testing UK.