User Enumeration Vulnerability in PHPJabbers Make an Offer Widget
CVE-2023-40767

9.8CRITICAL

Key Information:

Vendor

PHPjabbers

Status
Make An Offer Widget
Vendor
CVE Published:
28 August 2023

What is CVE-2023-40767?

A user enumeration vulnerability exists in PHPJabbers Make an Offer Widget v1.0 triggered during the password recovery process. The flaw permits attackers to discern valid user accounts through differing system messages, potentially facilitating brute force attacks. By leveraging this weakness, unauthorized users may exploit it to gain access to private accounts or sensitive information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://www.phpjabbers.com/make-an-offer-widget/
https://medium.com/%40mfortinsec/multiple-vulnerabilities...

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.