MFScripts YetiShare v3.5.2 through v4.5.4 might allow an attacker to reset a password by using a leaked hash (the hash never expires until used).
References
Configurations
History
07 Nov 2023, 03:08
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2020-02-10 13:15
Updated : 2024-02-28 17:28
NVD link : CVE-2019-20062
Mitre link : CVE-2019-20062
CVE.ORG link : CVE-2019-20062
JSON object : View
Products Affected
mfscripts
- yetishare
CWE
CWE-287
Improper Authentication