7.2.3

DATE	CVE	VULNERABILITY TITLE	RISK
2022-09-28	CVE-2022-30935	Use of Insufficiently Random Values vulnerability in B2Evolution An authorization bypass in b2evolution allows remote, unauthenticated attackers to predict password reset tokens for any user through the use of a bad randomness function. network low complexity b2evolution CWE-330 critical	9.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.