EPSS
Percentile
56.9%
modoboa has Weak Password Requirements. The vulnerability exists in the clean function of forms.py due to lack of check conditions which allows an attacker to set unsafe passwords and bypass the password requirements.
clean
forms.py
github.com/advisories/GHSA-9gxx-32p7-ff7m
github.com/modoboa/modoboa/commit/130257c96a2392ada795785a91178e656e27015c
github.com/modoboa/modoboa/pull/2949
huntr.dev/bounties/54fb6d6a-6b39-45b6-b62a-930260ba484b
huntr.dev/bounties/54fb6d6a-6b39-45b6-b62a-930260ba484b/