Vulnerabilities > Weak Password Recovery Mechanism for Forgotten Password
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-03-29 | CVE-2022-1073 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Automatic Question Paper Generator System Project Automatic Question Paper Generator System 1.0 A vulnerability was found in Automatic Question Paper Generator 1.0. | 7.5 |
| 2022-03-01 | CVE-2022-0777 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Microweber Weak Password Recovery Mechanism for Forgotten Password in GitHub repository microweber/microweber prior to 1.3. | 5.0 |
| 2022-02-09 | CVE-2022-23619 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Xwiki XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. | 5.0 |
| 2022-01-28 | CVE-2021-27654 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Pega Infinity Forgotten password reset functionality for local accounts can be used to bypass local authentication checks. | 4.6 |
| 2022-01-24 | CVE-2022-23855 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Saviynt Enterprise Identity Cloud An issue was discovered in Saviynt Enterprise Identity Cloud (EIC) 5.5 SP2.x. | 9.8 |
| 2022-01-18 | CVE-2021-44839 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Deltarm Delta RM 1.2 An issue was discovered in Delta RM 1.2. | 4.0 |
| 2021-12-13 | CVE-2021-39919 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Gitlab In all versions of GitLab CE/EE starting version 14.0 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2, the reset password token and new user email token are accidentally logged which may lead to information disclosure. | 2.1 |
| 2021-11-19 | CVE-2021-44037 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Teampasswordmanager Team Password Manager Team Password Manager (aka TeamPasswordManager) before 10.135.236 allows password-reset poisoning. | 5.0 |
| 2021-10-04 | CVE-2021-39899 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Gitlab In all versions of GitLab CE/EE, an attacker with physical access to a user’s machine may brute force the user’s password via the change password function. | 1.9 |
| 2021-09-29 | CVE-2021-25961 | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Salesagility Suitecrm In “SuiteCRM” application, v7.1.7 through v7.10.31 and v7.11-beta through v7.11.20 fail to properly invalidate password reset links that is associated with a deleted user id, which makes it possible for account takeover of any newly created user with the same user id. | 6.0 |