CVE-2001-1536 Information

Description

Autogalaxy stores usernames and passwords in cleartext in cookies which makes it easier for remote attackers to obtain authentication information and gain unauthorized access via sniffing or a cross-site scripting attack.

Reference

http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2001-11/0225.html http://www.iss.net/security_center/static/7621.php http://www.securityfocus.com/bid/3587