exploitDog

GHSA-vr6h-m22m-795q

Опубликовано: 19 авг. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 5.3

Описание

An issue in the default configuration of the password reset function in LogicData eCommerce Framework v5.0.9.7000 allows attackers to bypass authentication and compromise user accounts via a bruteforce attack.

An issue in the default configuration of the password reset function in LogicData eCommerce Framework v5.0.9.7000 allows attackers to bypass authentication and compromise user accounts via a bruteforce attack.

Ссылки

EPSS

Процентиль: 27%

0.00097

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-288

Связанные уязвимости

CVE-2025-52338

CVSS3: 5.3

nvd

6 месяцев назад

An issue in the default configuration of the password reset function in LogicData eCommerce Framework v5.0.9.7000 allows attackers to bypass authentication and compromise user accounts via a bruteforce attack.

EPSS

Процентиль: 27%

0.00097

Низкий

5.3 Medium

CVSS3

CVE ID

Дефекты

CWE-288