An attacker can access to "Forgot my... CVE-2022-23172

4.0 AV AC AU C I A
发布: 2022-07-06
修订: 2022-07-14

An attacker can access to "Forgot my password" button, as soon as he puts users is valid in the system, the system would issue a message that a password reset email had been sent to user. This way you can verify which users are in the system and which are not.

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有1条受影响产品信息