Weak Password Recovery Mechanism for Forgotten Password in linkstackorg/linkstack
CVE-2023-5840

6.5MEDIUM

Key Information:

Vendor

Linkstackorg

Status
Linkstackorg/linkstack
Vendor
CVE Published:
29 October 2023

What is CVE-2023-5840?

Weak Password Recovery Mechanism for Forgotten Password in GitHub repository linkstackorg/linkstack prior to v4.2.9.

Affected Version(s)

linkstackorg/linkstack < unspecified

References

https://huntr.com/bounties/8042d8c3-650e-4c0d-9146-d9ccf6...
https://github.com/linkstackorg/linkstack/commit/fe7b99ea...

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.