2.0.5

DATE	CVE	VULNERABILITY TITLE	RISK
2008-03-20	CVE-2008-1394	Credentials Management vulnerability in Plone CMS Plone CMS before 3 places a base64 encoded form of the username and password in the __ac cookie for all user accounts, which makes it easier for remote attackers to obtain access by sniffing the network. network low complexity plone CWE-255	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.