CVE-2022-44938
- Reference to the description:
- Description:
- Weak reset token generation in SeedDMS v6.0.20 and v5.1.7 allows attackers to execute a full account takeover via a brute force attack.
- Last updated date:
- 12/12/2022
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 12/12/2022
- Reference url to background
https://pwnit.io/2022/11/23/weak-password-reset-token-leads-to-account-takeover-in-seeddms/