CVE-2006-3398

Name of the Vulnerable Software and Affected Versions Taskjitsu versions prior to 2.0.1

Description The issue concerns the "change password forms" in Taskjitsu, where password hashes are included in hidden form fields. This allows remote attackers to obtain sensitive information from the Category Editor and User Information editor.

Recommendations For versions prior to 2.0.1, update to version 2.0.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the Category Editor and User Information editor to minimize the risk of exploitation.