Vulnerabilities > Weak Password Recovery Mechanism for Forgotten Password
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-31 | CVE-2023-46138 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Fit2Cloud Jumpserver JumpServer is an open source bastion host and maintenance security audit system that complies with 4A specifications. | 5.3 |
| 2023-10-29 | CVE-2023-5840 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Linkstack Weak Password Recovery Mechanism for Forgotten Password in GitHub repository linkstackorg/linkstack prior to v4.2.9. | 8.8 |
| 2023-10-10 | CVE-2023-44399 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Zitadel ZITADEL provides identity infrastructure. | 5.3 |
| 2023-09-29 | CVE-2023-5296 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Rockoa 1.1/15.X3Amdi/2.3.2 A vulnerability was found in Xinhu RockOA 1.1/2.3.2/15.X3amdi and classified as problematic. | 7.5 |
| 2023-09-27 | CVE-2023-43650 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Fit2Cloud Jumpserver JumpServer is an open source bastion host. | 7.4 |
| 2023-09-19 | CVE-2023-4096 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Fujitsu Arconte Aurea 1.5.0.0 Weak password recovery mechanism vulnerability in Fujitsu Arconte Áurea version 1.5.0.0, which exploitation could allow an attacker to perform a brute force attack on the emailed PIN number in order to change the password of a legitimate user. | 8.2 |
| 2023-09-07 | CVE-2023-34357 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Scshr HR Portal 7.3.2023.0510/7.3.2023.0705 Soar Cloud Ltd. | 7.8 |
| 2023-09-04 | CVE-2023-3222 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Password Recovery Project Password Recovery 1.2 Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in its 1.2 version, which could allow a remote attacker to change an existing user´s password by adding a 6-digit numeric token. | 7.5 |
| 2023-08-21 | CVE-2023-4448 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Openrapid Rapidcms 1.3.1 A vulnerability was found in OpenRapid RapidCMS 1.3.1 and classified as critical. | 9.8 |
| 2023-07-19 | CVE-2023-35134 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Weintek Weincloud 0.13.6 Weintek Weincloud v0.13.6 could allow an attacker to reset a password with the corresponding account’s JWT token only. | 5.9 |