Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript session timeout re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by reading the password from the source file, e.g. from the browser’s cache.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Xpede | Workforceroi | 4.1 | 4.1 |
Xpede | Workforceroi | 7.0 | 7.0 |