Vulnerabilities > B2Evolution > B2Evolution > 7.2.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-09-28 | CVE-2022-30935 | Use of Insufficiently Random Values vulnerability in B2Evolution An authorization bypass in b2evolution allows remote, unauthenticated attackers to predict password reset tokens for any user through the use of a bad randomness function. | 9.1 |