CVE-2020-24227

EUVD-2020-16962
Playground Sessions v2.5.582 (and earlier) for Windows, stores the user credentials in plain text allowing anyone with access to UserProfiles.sol to extract the email and password.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 69%
Affected Products (NVD)
VendorProductVersion
playgroundsessionsplayground_sessions
𝑥
≤ 2.5.582
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/nathunandwani/CVE-2020-24227
https://github.com/nathunandwani/CVE-2020-24227