Cross-site Request Forgery (CSRF)
Overview: admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF) through the sendlogin process in modules/registration.php when a registration-administrator visits a...
CVE-2026-44679 Tuist: Forgot password flow lacks throttling for reset email delivery
Tuist is a virtual platform team for Swift app devs. Prior to 1.180.10, the forgot password flow allows an unauthenticated attacker to repeatedly trigger password reset emails for a known account without server-side throttling. In self-hosted deployments, this can be abused to send large volumes ...
Received an Instagram password reset email? Here’s what you need to know
Last week, many Instagram users began receiving unsolicited emails from the platform that warned about a password reset request. The message said: “Hi username, We got a request to reset your Instagram password. If you ignore this message, your password will not be changed. If you didn’t request ...
CVE-2024-32642
Masa CMS is vulnerable to host header poisoning before versions 7.2.8, 7.3.13, and 7.4.6. This defect can enable account takeover via the password reset email by manipulating the host header. The issue is fixed in 7.2.8, 7.3.13, and 7.4.6. Remediation is to upgrade Masa CMS to one of the fixed ve...
EUVD-2024-30444
Masa CMS is an open source Enterprise Content Management platform. Prior to 7.2.8, 7.3.13, and 7.4.6, it is vulnerable to host header poisoning, which allows account takeover via the password reset email. This vulnerability is fixed in 7.2.8, 7.3.13, and 7.4.6...
CVE-2024-32642 Host header poisoning allows account takeover via password reset email
Masa CMS is an open source Enterprise Content Management platform. Prior to 7.2.8, 7.3.13, and 7.4.6, it is vulnerable to host header poisoning, which allows account takeover via the password reset email. This vulnerability is fixed in 7.2.8, 7.3.13, and 7.4.6...
PT-2025-48087
Name of the Vulnerable Software and Affected Versions: Veal98 Echo Open-Source Community System versions 2.2 through 2.3 Description: An unauthenticated attacker can cause the server to send email verification messages to arbitrary users via the /sendEmailCodeForResetPwd endpoint. This could lead t...
ROS-20251113-02
The Webmin hosting control panel vulnerability involves manipulating the Host header to inject a malicious domain into the link in a password reset email. Exploitation of the vulnerability could allow an attacker acting remotely to intercept the password reset...
CVE-2025-61541
Webmin 2.510 is vulnerable to a Host Header Injection in the password reset functionality forgotsend.cgi. The reset link sent to users is constructed using the HTTP Host header via getwebminemailurl. An attacker can manipulate the Host header to inject a malicious domain into the reset email. If ...
CVE-2025-53522
Movable Type contains an issue with the use of a less trusted source. If exploited, a tampered password reset email may be sent by a remote unauthenticated attacker...
Movable Type security vulnerability
Movable Type is a content management system from Movable Type, Inc. A security vulnerability exists in Movable Type that stems from the use of a low-trust source, which could allow a remote, unauthenticated attacker to send a doctored password reset email...
CVE-2025-27568
An unauthenticated attacker can get users' emails by knowing usernames. A password reset email will be sent in response to this unsolicited request...
CVE-2025-1108
Insufficient data authenticity verification vulnerability in Janto, versions prior to r12. This allows an unauthenticated attacker to modify the content of emails sent to reset the password. To exploit the vulnerability, the attacker must create a POST request by injecting malicious content into...
CVE-2024-8979
The Essential Addons for Elementor – Best Elementor Addon, Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.0.9 via the 'initcontentlostpassworduseremailcontrols' function. This makes it...
PT-2024-1901 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.1 through 16.7.5; GitLab CE/EE versions 16.8 through 16.8.2; GitLab CE/EE versions 16.9 through 16.9.0. Description: An issue has been discovered affecting GitLab CE/EE, where under some specialized conditions, an LDAP...
PT-2023-23713 · Silverstripe · Silverstripe/Framework
Name of the Vulnerable Software and Affected Versions: Silverstripe Framework versions prior to 4.13.4; Silverstripe Framework versions prior to 5.0.13. Description: The issue arises when a new member record is created without setting a password, resulting in an empty encrypted password. If an...
User enumeration via forget password
Grafana is an open-source platform for monitoring and observability. When using the forget password on the login page, a POST request is made to the /api/user/password/sent-reset-email URL. When the username or email does not exist, a JSON response contains a “user not found” message. This leaks...
PT-2022-5543 · Owncloud · Owncloud Server
Name of the Vulnerable Software and Affected Versions: ownCloud Server versions prior to 10.11 Description: The issue is related to a misconfiguration in the ownCloud Server Docker image that affects the trusted domains config, making it useless. This could be exploited to spoof the URL in...