Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/01 10:28 p.m.9 views

CVE-2025-15398

A security vulnerability has been detected in Uasoft badaso up to 2.9.7. Affected is the function forgetPassword of the file src/Controllers/BadasoAuthController.php of the component Token Handler. Such manipulation leads to weak password recovery. The attack can be executed remotely. This attack...

6.3CVSS4.6AI score0.00484EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/12/31 10:2 p.m.3 views

CVE-2025-15398 Uasoft badaso Token BadasoAuthController.php forgetPassword password recovery

A security vulnerability has been detected in Uasoft badaso up to 2.9.7. Affected is the function forgetPassword of the file src/Controllers/BadasoAuthController.php of the component Token Handler. Such manipulation leads to weak password recovery. The attack can be executed remotely. This attack...

6.3CVSS6.3AI score0.00484EPSS
Exploits1References5
CVE
CVE
added 2025/12/31 10:2 p.m.21 views

CVE-2025-15398

Uasoft Badaso up to version 2.9.7 has a weakness in the forgetPassword path of the Token Handler (src/Controllers/BadasoAuthController.php). The vulnerability, described as a remote‑executable weakness in password recovery, arises from the forgetPassword function and is characterized by high atta...

8.1CVSS6.3AI score0.00484EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2025/12/31 10:2 p.m.28 views

CVE-2025-15398 Uasoft badaso Token BadasoAuthController.php forgetPassword password recovery

A security vulnerability has been detected in Uasoft badaso up to 2.9.7. Affected is the function forgetPassword of the file src/Controllers/BadasoAuthController.php of the component Token Handler. Such manipulation leads to weak password recovery. The attack can be executed remotely. This attack...

6.3CVSS0.00484EPSS
Exploits1References5
Rows per page
Query Builder