CVE-2014-2871 Information

Description

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 relies on an HTTP session for entering credentials on login pages which allows remote attackers to obtain sensitive information by sniffing the network.

Reference

http://www.kb.cert.org/vuls/id/437385