Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Two-Factor Authentication Security Vulnerabilities

cve
cve

CVE-2024-5657

The CraftCMS plugin Two-Factor Authentication in versions 3.3.1, 3.3.2 and 3.3.3 discloses the password hash of the currently authenticated user after submitting a valid TOTP.

8.1CVSS

7.2AI Score

0.001EPSS

2024-06-06 11:15 AM
26
cve
cve

CVE-2024-5658

The CraftCMS plugin Two-Factor Authentication through 3.3.3 allows reuse of TOTP tokens multiple times within the validity period.

6.5CVSS

7.3AI Score

0.001EPSS

2024-06-06 11:15 AM
26