3 matches found
CVE-2024-5658
The CraftCMS plugin Two-Factor Authentication through 3.3.3 allows reuse of TOTP tokens multiple times within the validity period...
CVE-2024-5658
The CVE-2024-5658 entry affects the CraftCMS plugin “Two-Factor Authentication” (versions up to 3.3.3). The root cause is that TOTP tokens can be reused within their validity period, which is described as an improper authentication vulnerability that may allow bypassing 2FA. Practical impact is l...
CVE-2024-5658 CraftCMS Plugin - Two-Factor Authentication - TOTP Token Stays Valid After Use
The CraftCMS plugin Two-Factor Authentication through 3.3.3 allows reuse of TOTP tokens multiple times within the validity period...