Description
Contao before 3.5.39 and 4.x before 4.7.3 has a Weak Password Recovery Mechanism for a Forgotten Password.
Remediation
References
Related Vulnerabilities
WordPress Plugin Smash Balloon Social Post Feed Cross-Site Scripting (4.1)
phpList CVE-2023-27576 Vulnerability (CVE-2023-27576)
PHP Numeric Errors Vulnerability (CVE-2007-1383)
WordPress 5.9.x Multiple Vulnerabilities (5.9 - 5.9.4)
WordPress Plugin Garee's Flickr Feed Multiple Cross-Site Scripting Vulnerabilities (0.8)