CVE-2012-2299

Name of the Vulnerable Software and Affected Versions Ubercart module versions 6.x-2.x through 6.x-2.7 Ubercart module versions 7.x-3.x through 7.x-3.0

Description The issue allows local users to obtain sensitive information by reading from the database because passwords for new customers are stored in plaintext during checkout.

Recommendations For Ubercart module versions 6.x-2.x through 6.x-2.7, update to version 6.x-2.8 or later. For Ubercart module versions 7.x-3.x through 7.x-3.0, update to version 7.x-3.1 or later.