[Owncloud] Password is stored in Session

Simon Opitz simon.opitz at isx-software.de
Thu Dec 22 11:05:25 UTC 2011

today I found out that the users password is being stored in the session
variables in clear text.
you might want to delete line 197 in user.php to get rid this security issue


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/owncloud/attachments/20111222/1b090ed0/attachment.html>

More information about the Owncloud mailing list