[Owncloud] Password is stored in Session

Simon Opitz simon.opitz at isx-software.de
Thu Dec 22 11:05:25 UTC 2011

Previous message: [Owncloud] pdf viewer and google code-in
Next message: [Owncloud] Password is stored in Session
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

today I found out that the users password is being stored in the session
variables in clear text.
you might want to delete line 197 in user.php to get rid this security issue
;)

opitzfamilys


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/owncloud/attachments/20111222/1b090ed0/attachment.html>

Previous message: [Owncloud] pdf viewer and google code-in
Next message: [Owncloud] Password is stored in Session
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Owncloud mailing list