What the vulnerability does
01Description
Insertion of Sensitive Information Into Sent Data vulnerability in Softaculous FormLayer allows Retrieve Embedded Sensitive Data. This issue affects FormLayer: from n/a through 1.0.6.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
What the vulnerability does
Insertion of Sensitive Information Into Sent Data vulnerability in Softaculous FormLayer allows Retrieve Embedded Sensitive Data. This issue affects FormLayer: from n/a through 1.0.6.
Explanation of Vulnerability in Simple Terms
FormLayer versions up to 1.0.6 expose sensitive information that can be read over the network without authentication. An attacker can retrieve partial data from the application without needing to log in or interact with a user. The vulnerability has a low confidentiality impact and does not affect data integrity or availability.
What an attacker can do
Read sensitive information from the application over the network without authentication.
Potential impact on your site
Sensitive data may be exposed to unauthenticated attackers if FormLayer is publicly accessible.
Conditions required to exploit
Network access to the FormLayer instance; no authentication or user interaction required.
Key dates
External resources
Related vulnerabilities