CVE-2005-4862 Information

Description

The search functionality in XWiki 0.9.793 indexes cleartext user passwords which allows remote attackers to obtain sensitive information via a search string that matches a password.

Reference

http://jira.xwiki.org/jira/browse/XWIKI-70