CVE-2001-1536

Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for remote attackers to obtain authentication information and gain unauthorized access via sniffing or a cross-site scripting attack.

Date published : 2005-07-14

http://www.securityfocus.com/bid/3587

http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2001-11/0225.html