2005-07-14 04:00:00
mitre
PUBLISHED
Slashcode 2.0 creates new accounts with an 8-character random password, which could allow local users to obtain session IDs from cookies and gain unauthorized access via a brute force attack.