Campsite notifyendsubs Cron MySQL Password Cleartext Remote Disclosure
Remote / Network Access
Loss of Confidentiality
Campsite contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to mysql root password by sniffing outgoing emails sent by notifyendsubs, which may lead to a loss of confidentiality.
Upgrade to version 2.3.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.