2 matches found
CVE-2023-3221 User enumeration vulnerability in Roundcube Password Recovery Plugin
User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could allow a remote attacker to create a test script against the password recovery function to enumerate all users in the database...
CVE-2023-3221
CVE-2023-3221 affects Roundcube’s Password Recovery plugin (version 1.2). The vulnerability is a user enumeration flaw in the password recovery function, enabling a remote attacker to enumerate all users in the database. Impact is limited to information disclosure; exploitation status is not prov...