CVE-2019-20061

Published: 2020-02-10T13:15Z

Last Modified: 2024-11-21T04:37Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The user-introduction email in MFScripts YetiShare v3.5.2 through v4.5.4 may leak the (system-picked) password if this email is sent in cleartext. In other words, the user is not allowed to choose their own initial password. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt