Vulnerabilities > Born05

DATE	CVE	VULNERABILITY TITLE	RISK
2024-06-06	CVE-2024-5657	Insufficiently Protected Credentials vulnerability in Born05 Two-Factor Authentication 3.3.1/3.3.2/3.3.3 The CraftCMS plugin Two-Factor Authentication in versions 3.3.1, 3.3.2 and 3.3.3 discloses the password hash of the currently authenticated user after submitting a valid TOTP. network high complexity born05 CWE-522	8.1
2024-06-06	CVE-2024-5658	Improper Authentication vulnerability in Born05 Two-Factor Authentication The CraftCMS plugin Two-Factor Authentication through 3.3.3 allows reuse of TOTP tokens multiple times within the validity period. network low complexity born05 CWE-287	6.5

Vulnerabilities > Born05 {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Born05"}]}