CVE-2020-15906

CVE-2020-15906

EPSS 27.4%

tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid login attempts.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

http://packetstormsecurity.com/files/159663/Tiki-Wiki-CMS-Groupware-21.1-Authentication-Bypass.html https://info.tiki.org/article473-Security-Releases-of-all-Tiki-versions-since-16-3