What the vulnerability does
01Description
Use of Hard-coded Credentials vulnerability in Essekia Helpie FAQ helpie-faq allows Retrieve Embedded Sensitive Data.This issue affects Helpie FAQ: from n/a through <= 1.45.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
What the vulnerability does
Use of Hard-coded Credentials vulnerability in Essekia Helpie FAQ helpie-faq allows Retrieve Embedded Sensitive Data.This issue affects Helpie FAQ: from n/a through <= 1.45.
Explanation of Vulnerability in Simple Terms
Helpie FAQ versions 1.45 and earlier contain a hardcoded credential vulnerability. An attacker with network access can read sensitive information by exploiting this flaw without authentication. The vulnerability allows unauthorized access to confidential data stored within the application.
What an attacker can do
Read sensitive information without logging in.
Potential impact on your site
Confidential data may be exposed to unauthenticated attackers without any action from site users.
Conditions required to exploit
Network access to the affected Helpie FAQ installation; no authentication required.
Key dates
External resources