Skip to main content

Password Recovery

2 CVEs product

Monthly

CVE-2023-3222 HIGH This Week

Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in its 1.2 version, which could allow a remote attacker to change an existing user´s password by adding a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Password Recovery
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-3221 MEDIUM This Month

User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could allow a remote attacker to create a test script against the password recovery function to enumerate. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Password Recovery
NVD
CVSS 3.1
5.3
EPSS
0.5%
EPSS 1% CVSS 7.5
HIGH This Week

Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in its 1.2 version, which could allow a remote attacker to change an existing user´s password by adding a. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Password Recovery
NVD
EPSS 0% CVSS 5.3
MEDIUM This Month

User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could allow a remote attacker to create a test script against the password recovery function to enumerate. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Password Recovery
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy