Описание
Unspecified vulnerability in the Password Reset Tool before 0.4.1 on Plone 2.5 and 2.5.1 Release Candidate allows attackers to reset the passwords of other users, related to "an erroneous security declaration."
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:plone:plone:2.5:*:*:*:*:*:*:*
cpe:2.3:a:plone:plone:2.5.1_rc:*:*:*:*:*:*:*
EPSS
Процентиль: 55%
0.00333
Низкий
6.4 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
ubuntu
почти 19 лет назад
Unspecified vulnerability in the Password Reset Tool before 0.4.1 on Plone 2.5 and 2.5.1 Release Candidate allows attackers to reset the passwords of other users, related to "an erroneous security declaration."
debian
почти 19 лет назад
Unspecified vulnerability in the Password Reset Tool before 0.4.1 on P ...
CVSS3: 9.1
github
больше 3 лет назад
Plone allows anonymous users to reset any users password through the web via Password Reset Tool
EPSS
Процентиль: 55%
0.00333
Низкий
6.4 Medium
CVSS2
Дефекты
NVD-CWE-Other