Description ProjectSend before r1070 writes user passwords to the server logs. Remediation References CVE-2019-11492 Related Vulnerabilities Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1000399) WordPress Plugin Debug Log Manager Security Bypass (2.2.1) XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2021-32732) Apache Tomcat version older than 5.5.25 WordPress Plugin Hupso Share Buttons for Twitter, Facebook & Google+ Multiple Unspecified Vulnerabilities (4.0.3) Severity High Classification CVE-2019-11492 CWE-532 Tags Missing Update Known Vulnerabilities