ID CVE-2018-16987
Summary Squash TM through 1.18.0 presents the cleartext passwords of external services in the administration panel, as demonstrated by a ta-server-password field in the HTML source code.
References
Vulnerable Configurations
  • cpe:2.3:a:squashtest:squash_tm:1.18.0
    cpe:2.3:a:squashtest:squash_tm:1.18.0
CVSS
Base: 4.0
Impact:
Exploitability:
CWE CWE-255
CAPEC
refmap via4
misc
Last major update 13-09-2018 - 11:29
Published 13-09-2018 - 11:29
Last modified 30-11-2018 - 14:58
Back to Top