2009-08-24 15:00:00
mitre
PUBLISHED
Phenotype CMS before 2.9 does not use a random salt value for password encryption, which makes it easier for context-dependent attackers to determine cleartext passwords.