NCH Reflect CRM 3.01 allows local users to discover cleartext user account information by reading the configuration files. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Information Disclosure
Reflect Customer Relationship Management
NVD
GitHub
CVSS 3.1
3.3
EPSS
0.2%