Skwashd

**Name of the Vulnerable Software and Affected Versions** Services Basic Authentication module versions 7.x-1.x through 7.x-1.3 **Description** The issue allows remote attackers to bypass intended resource restrictions via vectors related to page caching. **Recommendations** For versions 7.x-1.x through 7.x-1.3, update to a version later than 7.x-1.3 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** phpGroupWare versions prior to 0.9.16.002 **Description** The issue concerns the transmission of sensitive information in plaintext. Specifically, the `header admin` and `setup passwords` are sent via cookies without encryption, allowing remote attackers to intercept these passwords through sniffing. **Recommendations** For versions prior to 0.9.16.002, update to version 0.9.16.002 or later to resolve the issue. As a temporary workaround, consider restricting access to the application to minimize the risk of password interception. Avoid using the application over unsecured networks until the update is applied.