Описание
The Reset Password add-on before 1.2.0 for Alfresco has a broken algorithm (involving an increment) that allows a malicious user to change any user's account password include the admin account.
The Reset Password add-on before 1.2.0 for Alfresco has a broken algorithm (involving an increment) that allows a malicious user to change any user's account password include the admin account.
EPSS
Процентиль: 57%
0.00349
Низкий
CVE ID
Связанные уязвимости
CVSS3: 8.8
nvd
больше 5 лет назад
The Reset Password add-on before 1.2.0 for Alfresco has a broken algorithm (involving an increment) that allows a malicious user to change any user's account password include the admin account.
EPSS
Процентиль: 57%
0.00349
Низкий