kiwitcms is vulnerable to information disclosure. The vulnerability exists because the common.py
does not enable the password validators to avoid users choosing weak passwords when the users register new accounts or change passwords, allowing an attacker to guess the password.