DATABASE RESOURCES PRICING ABOUT US

{"id": "7B0AAD5C-DFAE-4A4D-920A-367E2E712ABC", "vendorId": null, "type": "huntr", "bulletinFamily": "bugbounty", "title": "Weak password policy on account creation/password update", "description": "# Description\nThe password policy used in the account creation and password change pages is weak, allowing to set a password of only 1 character.\n\n# Proof of Concept\n*Case 1 - Account Creation*\n1. 1 - Login as admin and go to the users page.\n2. 2 - Create a new user and set `1` as the password and click in \"Add user\"\n3. 3 - The new user is created successfully.\n\n\\\n*Case 2 - Password Change*\n1. 1 - Login as a normal user, go to the *settings* page and click \"Edit Password\".\n2. 2 - Set `1` as the new password and click in \"Save\"\n3. 3 - The password is changed successfully.\n", "published": "2022-08-02T14:00:20", "modified": "2022-08-07T20:45:56", "cvss": {"score": 0.0, "vector": "NONE"}, "cvss2": {}, "cvss3": {}, "href": "https://www.huntr.dev/bounties/7b0aad5c-dfae-4a4d-920a-367e2e712abc/", "reporter": "vultza", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2022-08-26T19:55:56", "viewCount": 1, "enchantments": {"score": {"value": 0.2, "vector": "NONE"}, "vulnersScore": 0.2}, "_state": {"dependencies": 1661544292, "score": 1661544592, "epss": 1679304688}, "_internal": {"score_hash": "5e1085d3f2e5970d8ab09ef8029dc58c"}, "status": "valid", "cwe_id": "521", "repository": "https://github.com/plankanban/planka", "language": "JavaScript", "patch_commit_sha": "5c91bddfe7e91dfa3114ba175621b8b18289fa74"}

{}