Filtered by vendor Epignosishq Subscriptions
Filtered by product Efront Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2020-28597 1 Epignosishq 1 Efront 2022-08-31 7.5 High
A predictable seed vulnerability exists in the password reset functionality of Epignosis EfrontPro 5.2.21. By predicting the seed it is possible to generate the correct password reset 1-time token. An attacker can visit the password reset supplying the password reset token to reset the password of an account of their choice.