Vulnerabilities > CVE-2006-3398 - Unspecified vulnerability in PKR Internet Taskjitsu 0.1/2.0

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

The "change password forms" in Taskjitsu before 2.0.1 includes password hashes in hidden form fields, which allows remote attackers to obtain sensitive information from the (1) Category Editor and (2) User Information editor.

Vulnerable Configurations

Part Description Count
Application
Pkr_Internet
2