Snare for Linux before 1.7.0 has password disclosure because the rendered page contains the field RemotePassword.
The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Snare | Prophecyinternational | * | 1.7.0 (excluding) |