CVE-2008-5670

Опубликовано: 19 дек. 2008

Источник: debian

Описание

Textpattern (aka Txp CMS) 4.0.5 does not ask for the old password during a password reset, which makes it easier for remote attackers to change a password after hijacking a session.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
textpattern	fixed	4.0.6-1		package

Связанные уязвимости

CVE-2008-5670

ubuntu

почти 17 лет назад

Textpattern (aka Txp CMS) 4.0.5 does not ask for the old password during a password reset, which makes it easier for remote attackers to change a password after hijacking a session.

CVE-2008-5670

nvd

почти 17 лет назад

Textpattern (aka Txp CMS) 4.0.5 does not ask for the old password during a password reset, which makes it easier for remote attackers to change a password after hijacking a session.

GHSA-rr2v-7hf7-65mj

github

больше 3 лет назад

Textpattern (aka Txp CMS) 4.0.5 does not ask for the old password during a password reset, which makes it easier for remote attackers to change a password after hijacking a session.