Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:25407
HistoryMay 14, 2020 - 3:25 a.m.

Information Disclosure

2020-05-1403:25:42
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9

0.001 Low

EPSS

Percentile

36.0%

typo3/cms-core is vulnerable to information disclosure. A remote attacker is able to discover valid email address via the password reset function by analyzing the server response time upon submitting the password reset with an arbitrary email address.

CPENameOperatorVersion
typo3/cms-corele10.4.1

0.001 Low

EPSS

Percentile

36.0%