Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

NVD
NVDadded 2019/09/14 12:15 a.m.13 views

CVE-2019-16303

A class generated by the Generator in JHipster before 6.3.0 and JHipster Kotlin through 1.1.0 produces code that uses an insecure source of randomness apache.commons.lang3 RandomStringUtils. This allows an attacker if able to obtain their own password reset URL to compute the value for all other...

9.8CVSS9.7AI score0.01904EPSS
Exploits1References8
CVE
CVEadded 2019/09/13 11:43 p.m.265 views

CVE-2019-16303

CVE-2019-16303 affects JHipster-generated apps: a class produced by the Generator (before 6.3.0) and JHipster Kotlin (through 1.1.0) uses an insecure RNG (apache.commons.lang3 RandomStringUtils) to create password reset tokens. This can enable an attacker who obtains their own password reset URL ...

9.8CVSS9.6AI score0.01904EPSS
Exploits1References8Affected Software2
Rows per page
Query Builder