RuoYi-Vue Password Information Disclosure Vulnerability

A vulnerability in RuoYi-Vue versions up to 3.8.9 allows for the cleartext storage of sensitive information, specifically encrypted passwords, in cookies. This issue arises in the Password Handler component, particularly within the files jsencrypt.js and login.vue. The vulnerability can be exploited remotely, although the complexity of the attack is considered high.

Impact

Exploitation of this vulnerability could lead to unauthorized access to user accounts by allowing attackers to decrypt and obtain stored passwords.

Reproduction

To reproduce this vulnerability, log into a RuoYi-Vue application version 3.8.9 or earlier. On the login page, select the 'remember me' option. After logging in, the cookie will contain the encrypted password. The private key needed to decrypt this password is hardcoded in jsencrypt.js, allowing for decryption of the password from the cookie.