Back to search
CVE-2010-4758
Published: Mar 18, 2011
Modified: Sep 16, 2024
PUBLISHED
Description
installer.pl in Open Ticket Request System (OTRS) before 3.0.3 has an Inbound Mail Password field that uses the text type, instead of the password type, for its INPUT element, which makes it easier for physically proximate attackers to obtain the password by reading the workstation screen.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://bugs.otrs.org/show_bug.cgi?id=6302
x_refsource_CONFIRM
http://source.otrs.org/viewvc.cgi/otrs/CHANGES?revision=1.1807
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now