Clear text password shown in WS-Security profile outflow
The password to the WS-Security profile outflow page is not obfuscated (masked by '*' characters) while being entered.
STEPS TO REPRODUCE
- Navigate to: Records > Security > WS-Securtiy Profile > OutFlow.
- Click on the password field.
- Type in a password it is displayed in clear text. It does not asterisk-out what the user is typing.
A defect in Pegasystems’ code or rules.
0% found this useful