VYPR
Medium severity5.3NVD Advisory· Published Apr 27, 2020· Updated Jun 17, 2026

CVE-2020-11821

CVE-2020-11821

Description

In Rukovoditel 2.5.2, users' passwords and usernames are stored in a cookie with URL encoding, base64 encoding, and hashing. Thus, an attacker can easily apply brute force on them.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.