CVE-2023-3222

CVE-2023-3222

Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in its 1.2 version, which could allow a remote attacker to change an existing user´s password by adding a 6-digit numeric token. An attacker could create an automatic script to test all possible values because the platform has no limit on the number of requests.

Source: CVE-2023-3222

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다