csp Vulnerability report: SMTP credentials in cleartext in log file

Vulnerability report: SMTP credentials in cleartext in log file

Open rommelfs opened this issue 5 years ago • 0 comments

from /tmp/console.log:

2019-07-16 23:44:31.904  INFO 3082 --- [ool-20-thread-7] c.i.c.c.c.s.ExternalProcessService       :   "mail": {
2019-07-16 23:44:31.904  INFO 3082 --- [ool-20-thread-7] c.i.c.c.c.s.ExternalProcessService       :     "host": "localhost",
2019-07-16 23:44:31.905  INFO 3082 --- [ool-20-thread-7] c.i.c.c.c.s.ExternalProcessService       :     "port": "25",
2019-07-16 23:44:31.905  INFO 3082 --- [ool-20-thread-7] c.i.c.c.c.s.ExternalProcessService       :     "username": "username",
2019-07-16 23:44:31.906  INFO 3082 --- [ool-20-thread-7] c.i.c.c.c.s.ExternalProcessService       :     "password": "password",
[...]

Jul 18 '19 06:07 rommelfs

csp csp copied to clipboard

Vulnerability report: SMTP credentials in cleartext in log file

csp
csp copied to clipboard