3 matches found
CVE-2022-23172
creationtimestamp| type| source ---|---|--- 2022-07-06 18:14:28+00:00| seen| https://t.me/cibsecurity/45662...
CVE-2022-23172 Priority - Priority User Enumeration
An attacker can access to "Forgot my password" button, as soon as he puts users is valid in the system, the system would issue a message that a password reset email had been sent to user. This way you can verify which users are in the system and which are not...
CVE-2022-23172
The CVE-2022-23172 entry describes a user-enumeration via the password-reset workflow: an attacker can trigger the "Forgot my password" flow and learn which usernames exist based on the system’s response. Connected documents mention specific contexts (e.g., Priority Software Priority ERP) where a...