Topic

OAuth

A collection of 9 issues

CVE-2022-30622 The system discloses usernames and passwords, which means it's possible to enter the system. The system loads the request clearly by default.

The server code is very vulnerable, as it is described in the following example. In addition, the server has hard-coded authentication credentials (admin/admin). Path access: http://api/sys_admin_password_admin.cmd - The server loads the request clearly by default. Disclosure of hard-coded login credentials within the JS
2 min read
Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe