CVE-2021-28399

CVE-2021-28399

EPSS 1.0%

OrangeHRM 4.7 allows an unauthenticated user to enumerate the valid username and email address via the forgot password function.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/C1inton/CVE-Record/blob/master/CVE%20Record/%5BCVE-2021-28399%5DOrangeHRM%204.7.md https://www.orangehrm.com/