CVE-2022-32741
Information disclosure in Request New Password feature
Attacker is able to determine if the provided username exists (and it's valid) using Request New Password feature, based on the response time.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Produtos afetados
OTRS AG · OTRSQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →