Description
Contao before 3.5.39 and 4.x before 4.7.3 has a Weak Password Recovery Mechanism for a Forgotten Password.
Remediation
References
Related Vulnerabilities
WordPress Plugin SG Optimizer Multiple Vulnerabilities (3.3.5)
WordPress Plugin Blogstand Banner Cross-Site Scripting (1.0)
WordPress Plugin Social Sharing-Kiwi Security Bypass (2.0.10)
WordPress Plugin EZ Portfolio Multiple Cross-Site Scripting Vulnerabilities (1.0.1)
PostgreSQL Incorrect Authorization Vulnerability (CVE-2021-20229)