MailEnable Professional CVE-2006-6964 Information Disclosure Vulnerability

MailEnable Professional CVE-2006-6964 Information Disclosure Vulnerability

MailEnable Professional is prone to a information disclosure vulnerability. MailEnable Professional before 1.78 provides a cleartext user password when an administrator edits the user s settings, which allows remote authenticated administrators to obtain sensitive information by viewing the HTML source.