CVE-2022-44381

Опубликовано: 25 дек. 2022

Источник: debian

Описание

Snipe-IT through 6.0.14 allows attackers to check whether a user account exists because of response variations in a /password/reset request.

Пакет	Статус	Версия исправления	Релиз	Тип
snipe-it	itp			package

CVE-2022-44381

CVSS3: 5.3

nvd

около 3 лет назад

Snipe-IT through 6.0.14 allows attackers to check whether a user account exists because of response variations in a /password/reset request.

GHSA-qqv9-gqh5-7h99

CVSS3: 5.3

github

около 3 лет назад

Snipe-IT allows attackers to check whether a user account exists