exploitDog

CVE-2023-26984

Опубликовано: 29 мар. 2023

Источник: nvd

CVSS3: 8.1

EPSS Низкий

Описание

An issue in the password reset function of Peppermint v0.2.4 allows attackers to access the emails and passwords of the Tickets page via a crafted request.

Ссылки

https://github.com/Peppermint-Lab/peppermint/tree/master
Product
https://github.com/bypazs/CVE-2023-26984
Exploit
Third Party Advisory
https://peppermint.sh/
Product
https://github.com/Peppermint-Lab/peppermint/tree/master
Product
https://github.com/bypazs/CVE-2023-26984
Exploit
Third Party Advisory
https://peppermint.sh/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:peppermint:peppermint:0.2.4:*:*:*:*:*:*:*

EPSS

Процентиль: 78%

0.01109

Низкий

8.1 High

CVSS3

Дефекты

CWE-639

CWE-639

Связанные уязвимости

GHSA-h7cr-qr22-43ch

CVSS3: 8.1

github

почти 3 года назад

An issue in the password reset function of Peppermint v0.2.4 allows attackers to access the emails and passwords of the Tickets page via a crafted request.

EPSS

Процентиль: 78%

0.01109

Низкий

8.1 High

CVSS3

Дефекты

CWE-639

CWE-639