CVE-2021-28399

Опубликовано: 26 апр. 2021

Источник: debian

Описание

OrangeHRM 4.7 allows an unauthenticated user to enumerate the valid username and email address via the forgot password function.

Пакет	Статус	Версия исправления	Релиз	Тип
orangehrm	itp			package

CVE-2021-28399

CVSS3: 5.3

nvd

почти 5 лет назад

OrangeHRM 4.7 allows an unauthenticated user to enumerate the valid username and email address via the forgot password function.

GHSA-j4rv-w4j7-w5fq

github

больше 3 лет назад

OrangeHRM 4.7 allows an unauthenticated user to enumerate the valid username and email address via the forgot password function.