CVE-2019-13023

An issue was discovered in all versions of Bond JetSelect. Within the JetSelect Application, the web interface hides RADIUS secrets, WPA passwords, and SNMP strings from ‘non administrative’ users using HTML ‘password field’ obfuscation. By using Developer tools or similar, it is possible to change the obfuscation so that the credentials are visible.

View Full Alert

Related Posts

  • CVE-2019-13285

    CoSoSys Endpoint Protector 5.1.0.2 allows Host Header Injection. View Full Alert

  • CVE-2019-17230

    includes/theme-functions.php in the OneTone theme through 3.0.6 for WordPress allows unauthenticated options changes. View Full Alert

  • CVE-2019-17231

    includes/theme-functions.php in the OneTone theme through 3.0.6 for WordPress has multiple stored XSS issues. View Full Alert