Headline
ICT Protege GX/WX 2.08 Client-Side SHA1 Password Hash Disclosure
The application is vulnerable to improper access control that allows an authenticated operator to disclose SHA1 password hashes (client-side) of other users/operators.
The application is vulnerable to improper access control that allows an authenticated operator to disclose SHA1 password hashes (client-side) of other users/operators.