CVE-2020-24227

Playground Sessions v2.5.582 (and earlier) for Windows, stores the user credentials in plain text allowing anyone with access to UserProfiles.sol to extract the email and password.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
VendorProductVersion
playgroundsessionsplayground_sessions
𝑥
≤ 2.5.582
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/nathunandwani/CVE-2020-24227
https://github.com/nathunandwani/CVE-2020-24227