Vulnerabilities > Password Recovery Project

DATE	CVE	VULNERABILITY TITLE	RISK
2023-09-04	CVE-2023-3221	Information Exposure Through Discrepancy vulnerability in Password Recovery Project Password Recovery 1.2 User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could allow a remote attacker to create a test script against the password recovery function to enumerate all users in the database. network low complexity password-recovery-project CWE-203	5.3
2023-09-04	CVE-2023-3222	Weak Password Recovery Mechanism for Forgotten Password vulnerability in Password Recovery Project Password Recovery 1.2 Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in its 1.2 version, which could allow a remote attacker to change an existing user´s password by adding a 6-digit numeric token. network low complexity password-recovery-project CWE-640	7.5

Vulnerabilities > Password Recovery Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Password Recovery Project"}]}