Medium severity6.5NVD Advisory· Published Oct 2, 2017· Updated Jun 17, 2026
CVE-2017-14941
CVE-2017-14941
Description
Jaspersoft JasperReports 4.7 suffers from a saved credential disclosure vulnerability, which allows a remote authenticated user to retrieve stored Data Source passwords by accessing flow.html and reading the HTML source code of the page reached in an Edit action for a Data Source connector.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:jaspersoft:jasperreports:4.7.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:jaspersoft:jasperreports:4.7.0:*:*:*:*:*:*:*
- (no CPE)range: 4.7
Patches
Vulnerability mechanics
References
1- github.com/binary1985/VulnerabilityDisclosure/blob/master/JasperSoft%20JasperReports%20-%204.7%20-%20CVE-2017-14941nvdIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.