CVE Catalog

CVE-2024-35648

MediumCVSS 4.3
Published: Updated: Translated: NVD NIST

Summary

CSRF vulnerability in Andy Moyle's Emergency Password Reset allows Cross-Site Request Forgery. This issue affects versions from n/a through 8.0.

Risk Assessment

An attacker could exploit this vulnerability to take control of the password reset process, potentially leading to unauthorized access to user accounts.

Recommendation

It is recommended to update to the latest version of the software to mitigate the risks associated with this vulnerability.

Original NVD description (English source)

Cross-Site request forgery (CSRF) vulnerability in Andy Moyle Emergency Password Reset allows Cross Site Request Forgery. This issue affects Emergency Password Reset: from n/a through 8.0.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS