Louis created PLUTO-782: --------------------------- Summary: Passwords on tomcat manager Key: PLUTO-782 URL: https://issues.apache.org/jira/browse/PLUTO-782 Project: Pluto Issue Type: Bug Affects Versions: 3.1.0 Reporter: Louis Assignee: Neil Griffin
Hi, I just downloaded your software and saw that the passwords used to protect the local tomcat users are very predictable. It would be better to disable those accounts as they basically allow anyone to get command execution on the underlying server. People in charge can then add those accounts based on their requirements. Regards, Louis -- This message was sent by Atlassian Jira (v8.3.4#803005)