CVE-2022-44381

Snipe-IT through 6.0.14 allows attackers to check whether a user account exists because of response variations in a /password/reset request.
References
Configurations

Configuration 1

cpe:2.3:a:snipeitapp:snipe-it:*:*:*:*:*:*:*:*

Information

Published : 2022-12-25 05:15

Updated : 2022-12-30 10:04


NVD link : CVE-2022-44381

Mitre link : CVE-2022-44381

Products Affected
No products.
CWE