5 matches found
CVE-2024-53552
CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account takeover...
CVE-2024-53552
CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account takeover...
CVE-2024-53552
CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account takeover...
CVE-2024-53552
CVE-2024-53552 affects CrushFTP 10 (up to 10.8.2) and 11 (up to 11.2.2); a flaw in the password reset mechanism allows an attacker to reset a user’s password via email and take full control of the account/application. The issue is confirmed in multiple sources and carries a high-severity impact (...
CVE-2024-53552
CrushFTP 10 before 10.8.3 and 11 before 11.2.3 mishandles password reset, leading to account takeover...