Filtered by vendor Password Recovery Project
Subscriptions
Filtered by product Password Recovery
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-3221 | 1 Password Recovery Project | 1 Password Recovery | 2023-09-08 | 5.3 Medium |
| User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could allow a remote attacker to create a test script against the password recovery function to enumerate all users in the database. | ||||
| CVE-2023-3222 | 1 Password Recovery Project | 1 Password Recovery | 2023-09-08 | 7.5 High |
| Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in its 1.2 version, which could allow a remote attacker to change an existing userĀ“s password by adding a 6-digit numeric token. An attacker could create an automatic script to test all possible values because the platform has no limit on the number of requests. | ||||
Page 1 of 1.