4 matches found
CVE-2021-36095
Malicious attacker is able to find out valid user logins by using the "lost password" feature. This issue affects: OTRS AG OTRS Community Edition version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions...
CVE-2021-36095
Malicious attacker is able to find out valid user logins by using the "lost password" feature. This issue affects: OTRS AG OTRS Community Edition version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions...
Design/Logic Flaw
Malicious attacker is able to find out valid user logins by using the "lost password" feature. This issue affects: OTRS AG OTRS Community Edition version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions...
b2evolution Arbitrary User Password Reset Vulnerability
b2evolution is a PHP and MySQL based blogging software developed by software developer Francois Planque. A security vulnerability exists in the 'lost password' feature in b2evolution versions prior to 6.7.9. The vulnerability can be exploited by a remote attacker to reset the password of any user...