2005-09-08 04:00:00
mitre
PUBLISHED
Ariba Spend Management System sends the username and password to the server in plaintext in a POST request, which allows remote attackers to obtain sensitive information.