CVE-2022-40084

OpenCRX before v5.2.2 was discovered to be vulnerable to password enumeration due to the difference in error messages received during a password reset which could enable an attacker to determine if a username, email or ID is valid.
Configurations

Configuration 1

cpe:2.3:a:opencrx:opencrx:*:*:*:*:*:*:*:*

Information

Published : 2022-10-20 02:15

Updated : 2022-10-21 06:16


NVD link : CVE-2022-40084

Mitre link : CVE-2022-40084

Products Affected
No products.
CWE