WWWBoard stores encrypted passwords in a password file that is under the web root and thus accessible by remote attackers.Referenceshttps://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0953
