Weak Password Requirements

2023-02-0514:22:11

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

remote attacker compromise user accounts missing password strength constraints software

0.001 Low

EPSS

Percentile

26.7%

JSON

publify_core is vulnerable to Weak Password Requirements. A remote attacker can easily compromise user accounts due to missing password strength constraints.

CPENameOperatorVersion
publify_corele9.2.9
publify_corele9.2.9

CPE	Name	Operator	Version
	publify_core	le	9.2.9
	publify_core	le	9.2.9

References

github.com/advisories/GHSA-g7gf-2rqw-5rwx

github.com/publify/publify/commit/8905e4e639cf03b758da558568a86c9816253b2d

github.com/publify/publify/pull/1086

huntr.dev/bounties/81b1e1da-10dd-435e-94ae-4bdd41df6df9

huntr.dev/bounties/81b1e1da-10dd-435e-94ae-4bdd41df6df9/

0.001 Low

EPSS

Percentile

26.7%

JSON

Related for VERACODE:39137