3 matches found
CVE-2023-3222
creationtimestamp| type| source ---|---|--- 2023-09-04 16:16:37+00:00| seen| https://t.me/cibsecurity/69790...
CVE-2023-3222 Vulnerability in the password recovery mechanism of Roundcube Password Recovery Plugin
Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in its 1.2 version, which could allow a remote attacker to change an existing user´s password by adding a 6-digit numeric token. An attacker could create an automatic script to test all possible values...
CVE-2023-3222
The CVE-2023-3222 entry concerns the Password Recovery plugin for Roundcube (version 1.2). The vulnerability arises in the password recovery mechanism, allowing a remote attacker to change an existing user’s password by guessing a 6-digit numeric token, with no request-rate limiting. Affected com...