Vulnerabilities > CVE-2023-46393 - Unspecified vulnerability in Gougucms 4.08.18

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

HIGH

Availability impact

NONE

network

low complexity

gougucms

NVD

Published: 2023-10-27

Updated: 2024-11-21

Summary

gougucms v4.08.18 was discovered to contain a password reset poisoning vulnerability which allows attackers to arbitrarily reset users' passwords via a crafted packet.

Vulnerable Configurations

Part	Description	Count
Application	Gougucms Gougucms Gougucms 4.08.18	1

References

https://gitee.com/gouguopen/gougucms/issues/I88TKH
https://gitee.com/gouguopen/gougucms/issues/I88TKH