One Click Orgs before 1.2.3 does not have an off autocomplete attribute for authentication fields, which makes it easier for remote attackers to obtain access by leveraging an unattended workstation.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 01:32
Type | Values Removed | Values Added |
---|---|---|
References | () http://dmcdonald.net/?page_id=43 - | |
References | () https://groups.google.com/group/oneclickorgs-devspace/msg/26c40a4cc9e127d2?hl=en&dmode=source&output=gplain - |
Information
Published : 2011-12-06 11:55
Updated : 2024-11-21 01:32
NVD link : CVE-2011-4677
Mitre link : CVE-2011-4677
CVE.ORG link : CVE-2011-4677
JSON object : View
Products Affected
oneclickorgs
- one_click_orgs
CWE
CWE-287
Improper Authentication