3 matches found
CVE-2021-29023
InvoicePlane 1.5.11 doesn't have any rate-limiting for password reset and the reset token is generated using a weak mechanism that is predictable...
CVE-2021-29023
InvoicePlane 1.5.11 doesn't have any rate-limiting for password reset and the reset token is generated using a weak mechanism that is predictable...
CVE-2021-29023
InvoicePlane 1.5.11 is affected by a vulnerability where there is no rate limiting for password resets and the reset token is generated by a weak, predictable mechanism. Affected component is the password reset flow within InvoicePlane; root cause is lack of rate-limiting and weak token generatio...