CVE-2022-40295

The application was vulnerable to an authenticated information disclosure, allowing administrators to view unsalted user passwords, which could lead to the compromise of plaintext passwords via offline attacks. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt