2002-08-31 04:00:00
mitre
PUBLISHED
CGIScript.net csPassword.cgi stores .htpasswd files under the web document root, which could allow remote authenticated users to download the file and crack the passwords of other users.