An issue exists in Epikur prior to 20.1.1. It stores the secret passwords of the users as MD5 hashes in the database. MD5 can be brute-forced efficiently and should not be used for such purposes. Additionally, since no salt is used, rainbow tables can speed up the attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
epikur epikur |