Password reset tokens in Magento CE before 1.9.2.2, and Magento EE before 1.14.2.2 are passed via a GET request and not canceled after use, which allows remote attackers to obtain user passwords via a crafted external service with access to the referrer field.
References
Link | Resource |
---|---|
https://magento.com/security/patches/supee-6788 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2017-09-26 01:29
Updated : 2024-02-28 16:04
NVD link : CVE-2015-8707
Mitre link : CVE-2015-8707
CVE.ORG link : CVE-2015-8707
JSON object : View
Products Affected
magento
- magento
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor