CVE-2024-5658
The CVE-2024-5658 entry affects the CraftCMS plugin “Two-Factor Authentication” (versions up to 3.3.3). The root cause is that TOTP tokens can be reused within their validity period, which is described as an improper authentication vulnerability that may allow bypassing 2FA. Practical impact is l...