Unrated severityNVD Advisory· Published Aug 12, 2002· Updated Apr 16, 2026

CVE-2002-0487

Description

Intellisol Xpede 4.1 stores passwords in plaintext in a Javascript "session timeout" re-authentication capability, which could allow local users with access to gain privileges of other Xpede users by reading the password from the source file, e.g. from the browser's cache.

Affected products

Workforceroi/Xpede2 versions
cpe:2.3:a:workforceroi:xpede:4.1:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:workforceroi:xpede:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:workforceroi:xpede:7.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/4346nvdExploitVendor Advisory
www.iss.net/security_center/static/8612.phpnvdVendor Advisory
www.securityfocus.com/archive/1/263485nvdVendor Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000