3.7.1c

DATE	CVE	VULNERABILITY TITLE	RISK
2021-01-27	CVE-2020-23356	Improper Authentication vulnerability in Nibbleblog 3.7.1C dmin/kernel/api/login.class.phpin in nibbleblog v3.7.1c allows type juggling for login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters. network low complexity nibbleblog CWE-287	5.0

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.