Description
The search functionality in XWiki 0.9.793 indexes cleartext user passwords, which allows remote attackers to obtain sensitive information via a search string that matches a password.
Remediation
References
Related Vulnerabilities
WordPress Plugin Easy Appointments Cross-Site Scripting (3.11.0)
Oracle Database Server Other Vulnerability (CVE-2007-3856)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-5835)
WordPress Plugin WP Booking System Multiple Vulnerabilities (1.5.1)
WordPress Plugin Limit Login Attempts Reloaded Cross-Site Scripting (2.15.2)