Open pantherale0 opened 3 years ago
It seems that the LDAP authentication password is stored in plaintext? All users of IceHRM with Admin access can see the LDAP password. While the account is restricted anyway, isn't it best practice to hide this password on the web UI?
It seems that the LDAP authentication password is stored in plaintext? All users of IceHRM with Admin access can see the LDAP password. While the account is restricted anyway, isn't it best practice to hide this password on the web UI?