Submit #628785: mtons https://gitee.com/mtons/mblog <=3.5.0 Password Enumeration

Title: mtons https://gitee.com/mtons/mblog <=3.5.0 Password Enumeration
Description: The /settings/password endpoint, which is used for setting passwords, has no rate limiting and no CAPTCHA protection, making it possible to brute-force user passwords and, after matching the password, directly change it to a new password.
Source: https://gitee.com/mtons/mblog/issues/ICPMIR
User: ZAST.AI (UID 87884)
Submission: 2025-08-05 09:13 (9 months ago)
Moderation: 2025-08-13 21:21 (9 days later)
Status: Accepted
VulDB entry: 320033 [mtons mblog up to 3.5.0 /settings/password information disclosure]
Points: 16