Description ProjectSend before r1070 writes user passwords to the server logs. Remediation References CVE-2019-11492 Related Vulnerabilities PostgreSQL Other Vulnerability (CVE-2005-0246) PHP Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2016-4073) Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2010-2422) Jenkins Missing Authorization Vulnerability (CVE-2017-1000400) PHP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2335) Severity High Classification CVE-2019-11492 CWE-532 Tags Missing Update Known Vulnerabilities