CVE-2024-22646

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-22646

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-22646.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-22646

Aliases

BIT-seopanel-2024-22646

Withdrawn

2024-09-03T04:41:29.716255Z

Published

2024-01-30T07:15:08Z

Modified

2024-09-03T04:38:28.349215Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

An email address enumeration vulnerability exists in the password reset function of SEO Panel version 4.10.0. This allows an attacker to guess which emails exist on the system.

References

https://github.com/cassis-sec/CVE/tree/main/2024/CVE-2024-22646

Affected packages

Git / github.com/seopanel/seo-panel

Affected ranges

Type: GIT
Repo: https://github.com/seopanel/seo-panel
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

344a4ee53db8aa6fd9b904485076b398f17818ee

Affected versions

4.*

4.10.0

4.2.0

4.3.0

4.4.0

4.5.0

4.6.0

4.7.0

4.8.0

4.9.0