Description
PostgreSQL stores usernames and passwords in plaintext in (1) pg_shadow and (2) pg_pwd, which allows attackers with sufficient privileges to gain access to databases.
Remediation
References
Related Vulnerabilities
PHP Use After Free Vulnerability (CVE-2016-7479)
Oracle JRE CVE-2022-21305 Vulnerability (CVE-2022-21305)
Liferay Portal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2024-26272)
WordPress Plugin WP Google Fonts Cross-Site Scripting (3.1.3)
WordPress Plugin Count per Day Information Disclosure (3.2.5)