GHSA-r4cx-cqjr-vfr8

Опубликовано: 02 авг. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

An issue in the login and reset password functionality of Backdrop CMS v1.22.0 allows attackers to enumerate usernames via password reset requests and distinct responses returned based on usernames.

Ссылки

EPSS

Процентиль: 43%

0.00206

Низкий

5.3 Medium

CVSS3

CVE ID

CVE-2022-34530

Дефекты

CWE-640

Связанные уязвимости

CVE-2022-34530

CVSS3: 5.3

nvd

больше 3 лет назад

An issue in the login and reset password functionality of Backdrop CMS v1.22.0 allows attackers to enumerate usernames via password reset requests and distinct responses returned based on usernames.

CVE-2022-34530

CVSS3: 5.3

debian

больше 3 лет назад

An issue in the login and reset password functionality of Backdrop CMS ...

EPSS

Процентиль: 43%

0.00206

Низкий

5.3 Medium

CVSS3

CVE ID

CVE-2022-34530

Дефекты

CWE-640