4 matches found
PT-2025-30435 · Okta · Okta On-Premises Provisioning Agent
Name of the Vulnerable Software and Affected Versions: Okta On-Premises Provisioning (OPP) agents, versions 2.2.1 through 2.3.0. Description: Okta On-Premises Provisioning (OPP) agents log specific user data during administrator-initiated password resets. An attacker gaining access to the local servers...
CVE-2023-51316
CVE-2023-51316 affects PHPJabbers Bus Reservation System v1.1, with no rate limiting in the Forgot Password/Email flow. This allows an attacker to trigger a flood of email messages for a legitimate user, meeting the criteria for a Denial of Service due to high availability impact. Multiple source...
CVE-2022-44381
Snipe-IT through 6.0.14 allows attackers to check whether a user account exists because of response variations in a /password/reset request...
CVE-2012-1581
MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 uses weak random numbers for password reset tokens, which makes it easier for remote attackers to change the passwords of arbitrary users...