Pentaho BI Server 1.7.0.1062 and previous versions does not set the autocomplete tag to off on web pages using a password field, which might allow physically proximate malicious users to obtain the password.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
pentaho bi server 1.2.0 |
||
pentaho bi server 1.6.0 |
||
pentaho bi server |