Main Vulnerability Database Exploits ID:4896 - Exploit for Cleartext storage of sensitive information in Playground Sessions - CVE-2020-24227

ID:4896 - Exploit for Cleartext storage of sensitive information in Playground Sessions - CVE-2020-24227

Published: December 2, 2020

Vulnerability identifier: #VU48713

Vulnerability risk: Medium

CVE-ID: CVE-2020-24227

CWE-ID: CWE-312

Exploitation vector: Remote access

Vulnerable software:
Playground Sessions

Link to public exploit:

https://github.com/nathunandwani/CVE-2020-24227

Vulnerability description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to the affected software stores the user credentials in plain text. A remote attacker can access to UserProfiles.sol to extract the email and password.

Remediation

Install updates from vendor's website.

ID:4896 - Exploit for Cleartext storage of sensitive information in Playground Sessions - CVE-2020-24227

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human