Description
The search functionality in XWiki 0.9.793 indexes cleartext user passwords, which allows remote attackers to obtain sensitive information via a search string that matches a password.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Statistics Multiple Unspecified Vulnerabilities (9.6.5)
WordPress Plugin Page Flip Image Gallery 'book_id' Parameter Remote File Disclosure (0.2.2)
Oracle Database Server CVE-2009-3413 Vulnerability (CVE-2009-3413)
Jetty Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-2080)
WordPress Plugin WP Popups-WordPress Popup builder Cross-Site Scripting (2.1.4.6)