Vulnerabilities (CVE)

Filtered by vendor Born05 Subscribe
Filtered by product Two-factor Authentication
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-5658 1 Born05 1 Two-factor Authentication 2024-11-21 N/A 4.8 MEDIUM
The CraftCMS plugin Two-Factor Authentication through 3.3.3 allows reuse of TOTP tokens multiple times within the validity period.
CVE-2024-5657 1 Born05 1 Two-factor Authentication 2024-11-21 N/A 3.7 LOW
The CraftCMS plugin Two-Factor Authentication in versions 3.3.1, 3.3.2 and 3.3.3 discloses the password hash of the currently authenticated user after submitting a valid TOTP.