The phpmyadmin subsystem in AlternC 0.9.5 and previous versions transmits the SQL password in cleartext in a cookie, which might allow remote malicious users to obtain the password by sniffing or by conducting a cross-site scripting (XSS) attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
alternc alternc |