3 matches found
CVE-2022-23172
creationtimestamp| type| source ---|---|--- 2022-07-06 18:14:28+00:00| seen| https://t.me/cibsecurity/45662...
CVE-2022-23172
The CVE-2022-23172 entry describes a user-enumeration via the password-reset workflow: an attacker can trigger the "Forgot my password" flow and learn which usernames exist based on the system’s response. Connected documents mention specific contexts (e.g., Priority Software Priority ERP) where a...
CVE-2022-23172 Priority - Priority User Enumeration
An attacker can access to "Forgot my password" button, as soon as he puts users is valid in the system, the system would issue a message that a password reset email had been sent to user. This way you can verify which users are in the system and which are not...