WorkforceROI Xpede 4.1 allows remote malicious users to obtain the database username via a request to datasource.asp, which leaks the username in a form and allows the malicious user to more easily conduct brute force password guessing attacks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
workforceroi xpede 4.1 |