[原文]Michael Scholz and Sebastian Stein Contineo 2.0, when the admin account lacks an e-mail address attribute, displays the password hash in a warning upon page reload, which might allow remote attackers to view the hash.
Contineo contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to the password hash when you do not enter an email address for the admin account during setup. When the page reloads, the password field contains the password hash, which may lead to a loss of confidentiality.
Upgrade to version 2.1 Beta 1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.