Cross-site scripting (XSS) vulnerability in IBM WebSphere Service Registry and Repository (WSRR) 7.5.x before 7.5.0.4 and 8.x through 8.0.0.2 allows remote authenticated users to inject arbitrary web. Rated low severity (CVSS 3.5), this vulnerability is remotely exploitable.
Apple Safari 6.0.5 on Mac OS X 10.7.5 and 10.8.5 stores cleartext credentials in LastSession.plist, which allows local users to obtain sensitive information by reading this file. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.
Valve Bug Reporter in the valve-bugreporter package 2.10+bsos1 in Valve SteamOS Beta stores cleartext credentials in a .valve-bugreporter.cfg file upon a Remember Credentials action, which allows. Rated low severity (CVSS 2.1), this vulnerability is low attack complexity. No vendor patch available.