Description
The user password reset form in Drupal 8.x before 8.2.3 allows remote attackers to conduct cache poisoning attacks by leveraging failure to specify a correct cache context.
Remediation
References
Related Vulnerabilities
WordPress Plugin Fast Velocity Minify Information Disclosure (2.7.6)
WordPress Plugin Instant Images-One Click Unsplash Uploads Cross-Site Scripting (4.4.0)
XWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-29203)
Oracle Database Server CVE-2012-0520 Vulnerability (CVE-2012-0520)
WordPress Plugin GiveWP-Donation and Fundraising Platform PHP Object Injection (2.3.0)