CVE-2022-0777

Weak Password Recovery Mechanism for Forgotten Password in microweber/microweber

CVSS 7.3 HIGHEPSS 1.2%CWE-640

Weak Password Recovery Mechanism for Forgotten Password in GitHub repository microweber/microweber prior to 1.3.

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Affected products

microweber · microweber/microweber

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/microweber/microweber/commit/a3944cf9d1d8c41a48297ddc98302934e2511b0f https://huntr.dev/bounties/b36be8cd-544f-42bd-990d-aa1a46df44d7