New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

CWE-312 Cleartext Storage of Sensitive Information #2329

Open

0x30Rizk opened this issue Aug 5, 2022 · 0 comments

Labels

bug

0x30Rizk commented Aug 5, 2022

描述您遇到的bug
terminal plugin <= v1.0.2，該密碼已明文顯示

如何重现
訪問至terminal plugin的configuratioin檔案

预期行为
顯示明文密碼，攻擊者可能透過這資訊ssh連線至主機

截图

附加

0x30Rizk added the bug label

# for free to join this conversation on GitHub. Already have an account? # to comment