Nchsoftware: >> Express Accounts >> 8.24 Security Vulnerabilities
NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by reading the configuration file.
CVSS Score
5.5
EPSS Score
0.0
Published
2020-12-28
In NCH Express Accounts 8.24 and earlier, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as Add/Edit users.
CVSS Score
6.5
EPSS Score
0.003
Published
2020-12-28