OpenCRX before v5.2.2 exists to be vulnerable to password enumeration due to the difference in error messages received during a password reset which could enable an malicious user to determine if a username, email or ID is valid.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
opencrx opencrx |