Description
Contao before 3.5.39 and 4.x before 4.7.3 has a Weak Password Recovery Mechanism for a Forgotten Password.
Remediation
References