CVE-2018-20243

High

The implementation of POST with the username and password in the URL parameters exposed the credentials. More infomration is available in…

apache·CWE-522·Published 2020-10-13

CVSS

7.5

EPSS

0.03

KEV

Exploits

cve.orgen

171 chars

The implementation of POST with the username and password in the URL parameters exposed the credentials. More infomration is available in fineract jira issues 726 and 629.

NVDen

171 chars

The implementation of POST with the username and password in the URL parameters exposed the credentials. More infomration is available in fineract jira issues 726 and 629.

La implementación de POST con el nombre de usuario y contraseña en los parámetros de URL exponía las credenciales. Mayor información está disponible en emisiones de fineract jira 726 y 629

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N