CVE-2023-35134
Weintek Weincloud Weak Password Recovery Mechanism for Forgotten Password
Weintek Weincloud v0.13.6
could allow an attacker to reset a password with the corresponding account’s JWT token only.
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Affected products
Weintek · WeincloudWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →