Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Password type input with auto-complete enabled #10319

Closed
Showian opened this issue Jul 17, 2016 · 1 comment
Closed

Password type input with auto-complete enabled #10319

Showian opened this issue Jul 17, 2016 · 1 comment
Labels
duplicate For issues that already existed in our issue tracker and were reported previously.

Comments

@Showian
Copy link

Showian commented Jul 17, 2016

Vulnerability description
When a new name and password is entered in a form and the form is submitted, the browser asks if the password should be saved. Thereafter when the form is displayed, the name and password are filled in automatically or are completed as the name is entered. An attacker with local access could obtain the cleartext password from the browser cache.
Please add AUTOCOMPLETE="off" parameter to the login page to fix this issue
@mattab
Copy link
Member

mattab commented Jul 17, 2016

Please see #6347

@mattab mattab closed this as completed Jul 17, 2016
@mattab mattab added Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc. duplicate For issues that already existed in our issue tracker and were reported previously. and removed Enhancement For new feature suggestions that enhance Matomo's capabilities or add a new report, new API etc. labels Jul 17, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
duplicate For issues that already existed in our issue tracker and were reported previously.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@mattab @Showian