Unrated severityNVD Advisory· Published Mar 15, 2007· Updated Jun 16, 2026
CVE-2007-1462
CVE-2007-1462
Description
The luci server component in conga preserves the password between page loads for the Add System/Cluster task flow by storing the password in the Value attribute of a password entry field, which allows attackers to steal the password by performing a "view source" or other operation to obtain the web page. NOTE: there are limited circumstances under which such an attack is feasible.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- bugzilla.redhat.com/bugzilla/show_bug.cginvdVendor Advisory
- osvdb.org/35086nvd
News mentions
0No linked articles in our index yet.