Lucene search

K

Multiple valid tokens for password reset in Shopware

🗓️ 28 Apr 2022 21:17:02Reported by GitHub Advisory DatabaseType 
github
 github
🔗 github.com👁 12 Views

Multiple tokens for password reset could be used to change the password, enabling account takeover if an attacker gains access to the victim's email account

Show more
Related
Detection
Refs
28 Apr 2022 21:02Current
1.7Low risk
Vulners AI Score1.7
CVSS26.8
CVSS36.4 - 7.5
EPSS0.003
12
.json
Report