CVE-2018-11554
Affected software: YzmCMS v3.2–v3.7 (index.php/member/reset/reset_email.html). Root cause / issue type: response discrepancy information exposure and an unexpectedly long lifetime for the verification code in the forgotten-password flow. Impact (as stated): easier for remote attackers to hijack a...