CVE Catalog
CVE-2024-35648
MediumCVSS 4.3Summary
CSRF vulnerability in Andy Moyle's Emergency Password Reset allows Cross-Site Request Forgery. This issue affects versions from n/a through 8.0.
Risk Assessment
An attacker could exploit this vulnerability to take control of the password reset process, potentially leading to unauthorized access to user accounts.
Recommendation
It is recommended to update to the latest version of the software to mitigate the risks associated with this vulnerability.
Original NVD description (English source)
Cross-Site request forgery (CSRF) vulnerability in Andy Moyle Emergency Password Reset allows Cross Site Request Forgery. This issue affects Emergency Password Reset: from n/a through 8.0.

