Количество 2
Количество 2
CVE-2023-49274
Umbraco is an ASP.NET content management system (CMS). Starting in version 8.0.0 and prior to versions 8.18.10, 10.8.1, and 12.3.4, a user enumeration attack is possible when SMTP is not set up correctly, but reset password is enabled. Versions 8.18.10, 10.8.1, and 12.3.4 contain a patch for this issue.
GHSA-8qp8-9rpw-j46c
SMTP misconfiguration leading to "Forgot Password" exploit that leaks registered user email.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-49274 Umbraco is an ASP.NET content management system (CMS). Starting in version 8.0.0 and prior to versions 8.18.10, 10.8.1, and 12.3.4, a user enumeration attack is possible when SMTP is not set up correctly, but reset password is enabled. Versions 8.18.10, 10.8.1, and 12.3.4 contain a patch for this issue. | CVSS3: 3.7 | 0% Низкий | около 2 лет назад |
| GHSA-8qp8-9rpw-j46c SMTP misconfiguration leading to "Forgot Password" exploit that leaks registered user email. | CVSS3: 3.7 | 0% Низкий | около 2 лет назад |
Уязвимостей на страницу