Uploaded image for project: 'CiviCRM'
  1. CiviCRM
  2. CRM-5384

Stack trace when mail processor has an error includes passwords in plain text

          Details

          • Type: Improvement
          • Status: Done/Fixed
          • Priority: Minor
          • Resolution: Won't Fix
          • Affects Version/s: 3.0.2
          • Fix Version/s: 4.3.0
          • Component/s: CiviMail
          • Labels:
            None

            Description

            When the mail processor has some kind of error and prints a stack trace, the password it was using to log in is output as part of the trace in plain text, e.g.

            ...
            MailStore.php(65): CRM_Mailing_MailStore_Pop3->__construct('servername', 'username', 'password', true)
            ...

              Attachments

                Activity

                  People

                  • Assignee:
                    lobo Donald A. Lobo
                    Reporter:
                    demeritcowboy Dave D
                  • Votes:
                    0 Vote for this issue
                    Watchers:
                    1 Start watching this issue

                    Dates

                    • Created:
                      Updated:
                      Resolved: