Description ProjectSend before r1070 writes user passwords to the server logs. Remediation References CVE-2019-11492 Related Vulnerabilities MySQL CVE-2019-3018 Vulnerability (CVE-2019-3018) Jenkins Improper Access Control Vulnerability (CVE-2015-5325) Oracle HTTP Server Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3195) Nginx Improper Certificate Validation Vulnerability (CVE-2021-3618) WordPress Plugin 404 SEO Redirection SQL Injection (1.0) Severity High Classification CVE-2019-11492 CWE-532 Tags Missing Update Known Vulnerabilities