mblog <=3.5.0 Password Enumeration정보

제목	mtons https://gitee.com/mtons/mblog <=3.5.0 Password Enumeration
설명	The /settings/password endpoint is used for setting passwords, has no rate limiting, no CAPTCHA protection, leading to the ability to brute force user passwords, and after matching the password, directly modify it to a new password.
원천	⚠️ https://gitee.com/mtons/mblog/issues/ICPMIR
사용자	ZAST.AI (UID 87884)
제출	2025. 08. 05. AM 09:13 (9 개월 ago)
모더레이션	2025. 08. 13. PM 09:21 (9 days later)
상태	수락
VulDB 항목	320033 [mtons mblog 까지 3.5.0 /settings/password 정보 공개]
포인트들	16

Do you need the next level of professionalism?

Upgrade your account now!