CVE-2022-40084
- Reference to the description:
- Description:
- OpenCRX before v5.2.2 was discovered to be vulnerable to password enumeration due to the difference in error messages received during a password reset which could enable an attacker to determine if a username, email or ID is valid.
- Last updated date:
- 10/21/2022
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 10/21/2022
- Reference url to background
https://github.com/ciph0x01/OpenCRX-CVE/blob/main/CVE-2022-40084.md