The Debian package of knowledgetree 2.0.7 creates environment.php with world-readable permissions, which allows local users to obtain sensitive information such as the username and password for the KnowledgeTree database.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Knowledgetree | Knowledgetree | 2.0.7 | 2.0.7 |