CVE-2002-0487

Name of the Vulnerable Software and Affected Versions Intellisol Xpede version 4.1

Description The issue allows local users with access to gain privileges of other Xpede users by reading passwords stored in plaintext. This is due to a "session timeout" re-authentication capability in the Javascript code.

Recommendations For Intellisol Xpede version 4.1, consider disabling the re-authentication capability until a patch is available to prevent local users from accessing plaintext passwords. Restrict access to the source file and clear browser caches to minimize the risk of exploitation.