Weintek Weincloud v0.13.6 could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses.
7.5CVSS
7.6AI Score
0.001EPSS
Weintek Weincloud v0.13.6 could allow an attacker to cause a denial-of-service condition for Weincloud by sending a forged JWT token.
7.5CVSS
7.4AI Score
0.001EPSS
Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only.
7.4CVSS
5.7AI Score
0.001EPSS
Weintek Weincloud v0.13.6 could allow an attacker to abuse the registration functionality to login with testing credentials to the official website.
8.8CVSS
8.6AI Score
0.001EPSS